CN105577686B - LAN single-point logging method based on network controller - Google Patents


Info

Publication number: CN105577686B
Application number: CN201610058862.9A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN105577686A
Legal status: Active (granted)
Prior art keywords: packets, information, client, subsystem, lan
Inventors: 高莉莎, 胡勇, 杨少雄, 王春芹, 陈璐, 应毅
Assignees (current and original): State Grid Corp of China SGCC; State Grid Jiangsu Electric Power Co Ltd; Nanjing Power Supply Co of Jiangsu Electric Power Co; Sanjiang University
Priority date and filing date: 2016-01-28
Publication dates: CN105577686A on 2016-05-11; CN105577686B on 2018-09-11

Classifications

    • H04L63/0281 Network architectures or network communication protocols for network security; separating internal from external traffic, e.g. firewalls; Proxies
    • H04L63/0815 Network architectures or network communication protocols for network security; authentication of entities providing single-sign-on or federations
    • H04L63/164 Implementing security features at a particular protocol layer; at the network layer

Abstract

The present invention relates to a LAN single sign-on method based on a network controller. The method first installs in the LAN a network controller that carries a CAS server; the network controller is connected to the forwarding plane through the OpenFlow protocol. The login function of each information subsystem is then disabled, and a preset network protocol module is installed on every client. On the CAS server, one access interface is configured for each information subsystem, and each access interface replicates the original access control logic of its subsystem. When a client sends an access request, a Ticket is added as IP header information to the IP packet carrying the request data; the forwarding plane forwards the IP packet to the corresponding access interface on the CAS server, which performs the authentication. The method integrates all existing subsystems in a unified way, so that a user logs in only once and can then access the corresponding subsystems in the LAN according to the user's permissions.

Description

LAN single-point logging method based on network controller
Technical field
The present invention relates to a LAN single sign-on method based on a network controller and belongs to the field of network control technology.
Background art
Large enterprises (such as the Nanjing electric power company) often operate multiple information subsystems, each handling a different line of business. To integrate these existing systems comprehensively and manage enterprise data resources in a unified way, the first requirement is to unify the login user names and passwords of the existing information systems, that is, to provide global single sign-on (Single Sign-On, SSO) across them. Single sign-on is one of the problems every enterprise application must solve when its business is integrated. With single sign-on, a user who has logged in once can access every other application system that trusts the same login: the user authenticates once, the single sign-on system grants access to the multiple application systems in the background, and no user name or password has to be entered again on later logins.
CAS (Central Authentication Service) is a well-regarded single sign-on framework for Web applications. The existing CAS-based single sign-on method is shown in Fig. 1; the participants in the single sign-on process are the user, the subsystems, the CAS clients and the CAS server.
The basic operating principle of the CAS framework (division of roles) is as follows:
1) The user uses each subsystem normally.
2) Each subsystem must be adapted to embed a CAS client, or must have been built with a CAS client from the start. A CAS server typically provides client implementations for many technology platforms so that as many subsystems as possible can be integrated.
3) The CAS client embedded in each application subsystem: when a user accesses a subsystem, the subsystem first determines in its own way (for example through a state value kept in the Session) whether the user has already logged in to it. If the user has not, the CAS client checks whether the user is logged in on the CAS server (whether the user holds a Ticket issued by the CAS server); if not, the user's request is redirected to the CAS server login. If the user is logged in, the CAS client only needs to ask the CAS server in the background whether the Ticket the user holds is valid; a user with an invalid Ticket is redirected to the CAS server for login and authentication.
4) CAS server: when a user arrives to log in, the server presents the login page, waits for the user to enter identity information and submit it, and authenticates the user. If the credentials are valid, it sets a Ticket in the client's request and redirects the user back to the originating subsystem. When a subsystem (through its embedded CAS client) asks whether a Ticket is valid, the verification result is returned directly to the subsystem.
As this operating principle shows, the traditional CAS-based single sign-on method requires a CAS client to be integrated into every subsystem. For the large number of information management subsystems an enterprise has already developed and deployed, this approach means modifying the security module of each subsystem one by one. However, enterprise information systems come from many sources: for some the source code is not available, for others the source code is hard to modify, and the software platforms and languages used by the individual systems may all differ. Building a global unified single sign-on system on top of such heterogeneous systems has a high development cost, is difficult to implement, and has low technical feasibility.
Summary of the invention
The technical problem addressed by the invention is to overcome the above shortcomings and to provide a single sign-on method that integrates all existing information subsystems in a LAN in a unified way, without modifying the source code of the existing information subsystems, so that a user logs in only once and can then access the corresponding subsystems in the LAN according to the user's permissions.
To solve this technical problem, the proposed technical solution is a LAN single sign-on method based on a network controller. The LAN contains several interconnected information subsystems, and each information subsystem is connected to multiple clients. The method comprises the following steps:
1) Install a network controller in the LAN and install a CAS server on the network controller; the network controller is connected to the forwarding plane through the OpenFlow protocol. The forwarding plane consists of the switches, routers and gateways responsible for data forwarding in the LAN. The network controller performs centralized control of the LAN and implements the function of the control plane in the OpenFlow protocol.
2) Disable the login function of each information subsystem, and install on each information subsystem and on its connected clients a preset network protocol module for reading and writing IP packet header information. On the CAS server, configure one access interface for each information subsystem; each access interface replicates the access control logic of its information subsystem.
3) A client sends an access request. The server addressed by the destination address of the request may be one of the information subsystems or a network server outside the LAN. The network protocol module on the client takes the authentication information corresponding to the destination address from the client's Session and adds it, as IP header information, to the IP packet carrying the request data the client sends.
4) The forwarding plane receives the IP packet and forwards it to the access interface on the CAS server that corresponds to the destination address; the access interface authenticates the authentication information corresponding to the destination address. If authentication succeeds, the forwarding plane forwards the authenticated IP packet to the information subsystem addressed by the destination address.
5) If the IP packet fails authentication and contains no Ticket, the CAS server returns the CAS login page through the forwarding plane to the client that sent the access request. The client enters its login information and a Ticket corresponding to the destination address is generated; the client's network protocol module then adds the Ticket to the IP packet and sends the IP packet to the forwarding plane, and steps 4) and 5) are repeated.
If the IP packet fails authentication but contains a Ticket corresponding to the destination address, the CAS server uses the Ticket to generate the authentication information corresponding to the destination address and saves that authentication information in the client's Session. The client's network protocol module then adds the authentication information for the destination address to the IP packet as IP header information and sends the IP packet to the forwarding plane, and steps 4) and 5) are repeated.
In legacy network devices, a data packet sent by a network communication client is received by a switch, router or similar device, which then computes the route itself and completes the correct delivery of the packet. Under this mode of operation a device can implement only limited intelligence at the network and transport layers; it cannot implement complex control and cannot provide a single sign-on function.
SDN (Software Defined Network) is a new network architecture whose core technical standard is the OpenFlow protocol. SDN divides the functions of a network device into a control plane and a forwarding plane: the forwarding plane is responsible for sending and receiving data, and the control plane is responsible for the control decisions, such as routing and permissions, made during data communication. By separating the control plane of a network device from its forwarding plane, SDN allows intelligent control of the forwarding path and the forwarding flow of network packets. Building on this, the invention uses the SDN architecture to extract the control plane of the legacy network devices and concentrate it in the network controller: after a switch, router or gateway (that is, the forwarding plane) receives a network packet, it asks the network controller instead of computing the route on its own, and the network controller directs the forwarding plane devices (the switches, routers and gateways in the LAN) to forward the packet correctly. The invention exploits the centralized control position of the network controller by installing the CAS server on it; by combining the CAS server with the SDN network, the existing CAS framework provides the single sign-on function within the LAN. The invention therefore implements single sign-on at the network device layer rather than at the application layer.
In the invention, the Ticket is identification information that the CAS server places in the IP packet carrying the request data; the user identity can be learned from the Ticket. The invention replicates the access authentication interface of each information subsystem on the network controller rather than modifying the existing access control interface inside each subsystem. The access interface of each information subsystem generates or obtains authentication information according to the user's identity. Once this authentication information is inserted as header information into the IP packets carrying the request data, the CAS server can confirm the legitimacy of those request packets, so that the request can enter the target information subsystem normally.
The access control methods of the various platforms in the existing information subsystems, shown in Fig. 2, usually operate at the network application layer. The network controller of the invention instead writes the Ticket into the IP packet as header information and intervenes at the network device level, so that the point of security handling is moved earlier. At the same time, the access interfaces of all information subsystems are configured on the CAS server, and each access interface replicates the original access control logic of the corresponding information subsystem. Whatever access control technology an information subsystem originally used, it can therefore be integrated seamlessly into the single sign-on system of the invention, and no subsystem source code needs to be modified during integration.
Preferably, the network protocol module is an IPsec protocol stack.
Preferably, in step 4), after the forwarding plane receives the IP packet, it checks the destination address information of the packet; if the destination address does not correspond to the address of any information subsystem in the LAN, the forwarding plane forwards the IP packet directly to the network server outside the LAN addressed by the destination address.
For clients on which an IPsec protocol stack cannot be installed (usually clients from outside the network, whose software configuration is not governed by enterprise rules), the forwarding plane of the SDN network can record the source IP address, port number and last access time, with a timeout mechanism (for example 30 minutes) that removes the records of clients that have made no further access for a long time. By tracking these clients, the network controller of the invention can maintain the IP header on the client's behalf.
Description of the drawings
The invention is further described below with reference to the accompanying drawings.
Fig. 1 shows the prior-art single sign-on method based on CAS technology.
Fig. 2 shows the prior-art client access control method.
Fig. 3 shows the client access control method in the embodiment of the invention.
Specific implementation mode
Embodiment
This embodiment concerns the LAN of an enterprise. The LAN contains several information subsystems, and each information subsystem has clients attached.
The single sign-on method of this embodiment comprises the following steps:
1) As shown in Fig. 3, install a network controller in the LAN and install a CAS server on the network controller; the network controller is connected to the forwarding plane through the OpenFlow protocol. The forwarding plane consists of the switches, routers and gateways responsible for data forwarding in the LAN. The network controller performs centralized control of the LAN and implements the function of the control plane in the OpenFlow protocol.
In this embodiment the lightweight HTTP engine lighttpd is installed on the network controller to implement the CAS server function and to provide the CAS single sign-on interface to users (that is, clients). HTML resources such as the login page and the warning page are deployed on the network controller; these pages can be uploaded and customized when the user installs the equipment.
2) Disable the login function of each information subsystem, and install on each information subsystem and on its connected clients a preset network protocol module for reading and writing IP packet header information. On the CAS server, configure one access interface for each information subsystem; each access interface replicates the access control logic of its information subsystem.
The single sign-on logic is implemented on the network controller, which also maintains the database of user login roles and permissions (it may equally be an interface to an external login database) together with a user data cache. In this way no subsystem has to change its own access control code. Because the number of typical technology platforms is limited and the user authentication method on a given platform is fixed (in Java Web programs, for example, the subsystem's access control logic is always maintained through the HTTP Session), developing an access interface is not a routine event.
In this embodiment the preset network protocol module is an IPsec protocol stack. The IPsec protocol stack operates at the network layer, which makes it convenient for a client or an information subsystem to add the Ticket to the IP packet as IP header information.
3) A client sends an access request. The server addressed by the destination address of the request may be one of the information subsystems or a network server outside the LAN. The network protocol module on the client takes the authentication information corresponding to the destination address from the client's Session and adds it, as IP header information, to the IP packet carrying the request data the client sends.
4) The forwarding plane receives the IP packet and forwards it to the access interface on the CAS server that corresponds to the destination address; the access interface authenticates the authentication information corresponding to the destination address. If authentication succeeds, the forwarding plane forwards the authenticated IP packet to the information subsystem addressed by the destination address.
5) If the IP packet fails authentication and contains no Ticket, the CAS server returns the CAS login page through the forwarding plane to the client that sent the access request. The client enters its login information and a Ticket corresponding to the destination address is generated; the client's network protocol module then adds the Ticket to the IP packet and sends the IP packet to the forwarding plane, and steps 4) and 5) are repeated.
If the IP packet fails authentication but contains a Ticket corresponding to the destination address, the CAS server uses the Ticket to generate the authentication information corresponding to the destination address and saves that authentication information in the client's Session. The client's network protocol module then adds the authentication information for the destination address to the IP packet as IP header information and sends the IP packet to the forwarding plane, and steps 4) and 5) are repeated.
The invention can be improved as follows: in step 4), after the forwarding plane receives the IP packet, it checks the destination address information of the packet; if the destination address does not correspond to the address of any information subsystem in the LAN, the forwarding plane forwards the IP packet directly to the network server outside the LAN addressed by the destination address.
In this way, when a client equipped with an IPsec protocol stack initiates access to an information subsystem, the IP packets it sends pass through the forwarding plane and are forwarded to the network controller for inspection. The network controller checks the destination address of each IP packet: if it belongs to a monitored information subsystem the packet is examined further, otherwise it is released directly. As a result, every access request an information subsystem receives is necessarily a legitimate request carrying authentication information. Whether an information subsystem performs any "additional" access control action of its own depends on the configuration of that subsystem; it only affects system performance and does not affect login.
Now suppose a client from outside the network, on whose machine no IPsec protocol stack is installed, attempts to access an information subsystem in the LAN; its IP packets pass through the network controller's inspection just the same. The network controller searches the inventory of active clients it holds for a record of this client. If a record exists, the controller restores the client's earlier Ticket into the IP packet and continues with the subsequent process. If no record exists, the client is treated as not logged in: the login page is returned and the client is added to the inventory together with the IP packet header information. When the client's next new request arrives, the previously created IP header information is restored into the IP packet of the new request.
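The following is an added illustration of the controller-side decision logic in steps 4) and 5), the destination check from the improvement above, and the timeout-based tracking of clients without an IPsec stack. It is example code, not code from the patent or its assignees: the subsystem addresses, user store, role rules, Ticket format and HMAC-based authentication information are all constructed assumptions, and binding a Ticket to the client and subsystem it was issued for is an assumption the patent does not state.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Constructed LAN inventory: information subsystem address -> name (assumption, not from the patent).
LAN_SUBSYSTEMS = {"10.0.1.10": "erp", "10.0.1.11": "oa"}
# Idle limit for clients that cannot carry an IPsec header; the patent gives 30 minutes as an example.
IDLE_TIMEOUT_SECONDS = 30 * 60

# Constructed user store (password, roles) and per-subsystem access interfaces. Each access
# interface replicates, on the controller, the access-control rule of one subsystem (step 2).
USERS = {"alice": ("pw-alice", {"finance", "staff"}), "bob": ("pw-bob", {"staff"})}
ACCESS_INTERFACES = {"erp": lambda roles: "finance" in roles,
                     "oa": lambda roles: "staff" in roles}


@dataclass
class Packet:
    """Request packet as seen by the forwarding plane. ticket and auth stand for the
    IP header fields written by the client's network protocol module (assumed layout)."""
    src: str
    dst: str
    ticket: Optional[str] = None
    auth: Optional[str] = None


class CasController:
    """Controller-side logic of steps 4 and 5; handle() returns the forwarding plane's action."""

    def __init__(self, key: bytes):
        self.key = key                                      # MAC key for authentication info
        self.tickets: Dict[str, Tuple[str, str, str]] = {}  # ticket -> (src, dst, user)
        self.sessions: Dict[Tuple[str, str], str] = {}      # (src, dst) -> auth info in Session
        self.tracked: Dict[str, Tuple[str, float]] = {}     # src -> (ticket, last access time)

    def login(self, src: str, dst: str, user: str, password: str,
              now: float = 0.0, has_ipsec: bool = True) -> Optional[str]:
        """Step 5, first branch: the client submits credentials on the CAS login page and
        receives a Ticket bound to the destination subsystem."""
        entry = USERS.get(user)
        if entry is None or not hmac.compare_digest(entry[0], password):
            return None
        ticket = "ST-" + secrets.token_hex(8)
        self.tickets[ticket] = (src, dst, user)
        if not has_ipsec:                 # client cannot write IP headers: the controller tracks it
            self.tracked[src] = (ticket, now)
        return ticket

    def _auth_info(self, src: str, dst: str, user: str) -> str:
        # Authentication info derived from the Ticket. An HMAC over client, subsystem and user
        # is an assumption; the patent does not specify the format.
        return hmac.new(self.key, f"{src}|{dst}|{user}".encode(), hashlib.sha256).hexdigest()

    def _restore_headers(self, pkt: Packet, now: float) -> None:
        """For a tracked client without IPsec the controller maintains the IP header itself;
        a record that has been idle longer than the timeout is dropped."""
        rec = self.tracked.get(pkt.src)
        if rec is None:
            return
        if now - rec[1] > IDLE_TIMEOUT_SECONDS:
            del self.tracked[pkt.src]
            return
        self.tracked[pkt.src] = (rec[0], now)
        pkt.ticket = rec[0]
        pkt.auth = self.sessions.get((pkt.src, pkt.dst))

    def handle(self, pkt: Packet, now: float) -> str:
        # Improvement to step 4: a destination that is not a monitored subsystem is forwarded
        # directly to the server outside the LAN.
        if pkt.dst not in LAN_SUBSYSTEMS:
            return "forward-external"
        if pkt.ticket is None and pkt.auth is None:
            self._restore_headers(pkt, now)
        # Step 4: authentication info that matches the client's Session -> forward to subsystem.
        if pkt.auth is not None and self.sessions.get((pkt.src, pkt.dst)) == pkt.auth:
            return "forward-to-subsystem"
        # Step 5, first branch: not authenticated and no Ticket -> return the CAS login page.
        if pkt.ticket is None:
            return "login-page"
        # Step 5, second branch: a Ticket for this destination -> run the subsystem's access
        # interface, generate authentication info and save it in the client's Session.
        owner = self.tickets.get(pkt.ticket)
        if owner is None or owner[:2] != (pkt.src, pkt.dst):
            return "login-page"   # assumption: a Ticket is honoured only from the client it was issued to
        user = owner[2]
        if not ACCESS_INTERFACES[LAN_SUBSYSTEMS[pkt.dst]](USERS[user][1]):
            return "deny"         # logged in, but the replicated access logic refuses this user
        self.sessions[(pkt.src, pkt.dst)] = self._auth_info(pkt.src, pkt.dst, user)
        return "issue-auth"
```

A client with an IPsec stack carries the Ticket and then the authentication info in its own IP headers; a tracked client without one gets both restored by the controller until its record times out.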
The network controller could also add the Ticket to the client's request as an HTTP Cookie, but because the invention aims to enforce access control at a lower layer, such methods are only noted as alternatives. Another benefit of enforcing access control at the IP packet level is that subsystems built on a C/S architecture can also be brought under the unified management of this single sign-on system.
The invention is not limited to the specific technical solution of the above embodiment; other embodiments are possible. All technical solutions formed by equivalent substitution fall within the scope of protection claimed by the invention.

Claims (2)

1. A LAN single sign-on method based on a network controller, the LAN containing several interconnected information subsystems, each information subsystem being connected to multiple clients, the method comprising the following steps:
1) installing a network controller in the LAN and installing a CAS server on the network controller, the network controller being connected to the forwarding plane through the OpenFlow protocol; the forwarding plane consisting of the switches, routers and gateways responsible for data forwarding in the LAN; the network controller performing centralized control of the LAN and implementing the function of the control plane in the OpenFlow protocol;
2) disabling the login function of each information subsystem, and installing on each information subsystem and on its connected clients a preset network protocol module for reading and writing IP packet header information; configuring on the CAS server one access interface for each information subsystem, each access interface replicating the access control logic of its information subsystem;
3) a client sending an access request, the server addressed by the destination address of the request being either one of the information subsystems or a network server outside the LAN; the network protocol module on the client taking the authentication information corresponding to the destination address from the client's Session and adding it, as IP header information, to the IP packet carrying the request data the client sends;
4) the forwarding plane receiving the IP packet and checking its destination address information; if the destination address does not correspond to the address of any information subsystem in the LAN, the forwarding plane forwarding the IP packet directly to the network server outside the LAN addressed by the destination address; otherwise forwarding the IP packet to the access interface on the CAS server corresponding to the destination address, the access interface authenticating the authentication information corresponding to the destination address, and, if authentication succeeds, the forwarding plane forwarding the authenticated IP packet to the information subsystem addressed by the destination address;
5) if the IP packet fails authentication and contains no Ticket, the CAS server returning the CAS login page through the forwarding plane to the client that sent the access request, the client entering its login information and a Ticket corresponding to the destination address being generated, the client's network protocol module then adding the Ticket to the IP packet and sending the IP packet to the forwarding plane, and steps 4) and 5) being repeated;
if the IP packet fails authentication but contains a Ticket corresponding to the destination address, the CAS server using the Ticket to generate the authentication information corresponding to the destination address and saving that authentication information in the client's Session, the client's network protocol module then adding the authentication information for the destination address to the IP packet as IP header information and sending the IP packet to the forwarding plane, and steps 4) and 5) being repeated.
2. The LAN single sign-on method based on a network controller according to claim 1, characterised in that the network protocol module is an IPsec protocol stack.
Priority application: CN201610058862.9A, priority date 2016-01-28, filing date 2016-01-28, "LAN single-point logging method based on network controller"

Publications (2)

Publication Number Publication Date
CN105577686A CN105577686A (en) 2016-05-11
CN105577686B true CN105577686B (en) 2018-09-11
