CN105610774A - Network security system based on an encryption algorithm, and secure box - Google Patents

Network security system based on an encryption algorithm, and secure box

Info

Publication number: CN105610774A
Authority: CN (China)
Prior art keywords: encryption, key, network, module, safety
Legal status: Granted (status as listed by Google Patents; an assumption, not a legal conclusion)
Application number: CN201510592288.0A
Other languages: Chinese (zh)
Other versions: CN105610774B (en)
Inventors: 谢超平, 周华君, 查晓辉, 倪黎
Current assignee: Chengdu Sobey Digital Technology Co Ltd (as listed by Google Patents; may be inaccurate)
Original assignee: Chengdu Sobey Digital Technology Co Ltd
Events: application filed by Chengdu Sobey Digital Technology Co Ltd; priority to CN201510592288.0A; publication of CN105610774A; application granted; publication of CN105610774B; current legal status: active

Classifications

    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/04 ... for providing a confidential data exchange among entities communicating through data packet networks
              • H04L63/0428 ... wherein the data content is protected, e.g. by encrypting or encapsulating the payload
                • H04L63/045 ... wherein the sending and receiving network entities apply hybrid encryption, i.e. a combination of symmetric and asymmetric encryption
            • H04L63/02 ... for separating internal from external traffic, e.g. firewalls
              • H04L63/0227 Filtering policies
            • H04L63/08 ... for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a network security system based on an encryption algorithm, and a secure box. The system comprises a security encryption unit and a security verification unit. The security encryption unit comprises an encryption identifier generation module, an encryption key generation module, an encoding-encryption module, a text data encryption module and a scrambling module, connected in sequence. The encryption identifier generation module is connected to the high-security network and the scrambling module to the low-security network. The security encryption unit also comprises a timestamp generation module connected to the encryption identifier generation module. The security verification unit comprises an address check module and an encryption identifier check module; the low-security network is connected to the high-security network through the address check module and then the encryption identifier check module. During data transmission between the high- and low-security networks the system applies uniform encryption and uniform verification to the data, so that the data remain protected in transit and the security of the text-data ciphertext is effectively improved.

Description

A network security system based on an encryption algorithm, and a secure box
Technical field
The present invention relates to the field of network security, and in particular to a network security system based on an encryption algorithm, and to a secure box equipped with this network security system.
Background
Network security means that the hardware, the software and the data of a network system are protected so that they are not destroyed, altered or disclosed through accidental or malicious causes, that the system runs reliably and continuously, and that network services are not interrupted.
Existing approaches to network security generally have the following three problems:
1) Different encryption algorithms exist between the departments of an enterprise, each integrated separately into its own software module beforehand. This leads to substantial duplicated development and uneven quality, tight coupling to the application software, and inconsistent security levels.
2) Existing methods of encrypted transmission have drawbacks of varying degree. For example, when certificates are used for transmission, certificates can be discovered and forged through network sniffing, and producing certificates also has a certain cost.
3) Existing systems often use a security gateway to move data between high- and low-security zones. The security isolation gateway, also called a "gatekeeper" or "physical isolation gatekeeper", provides security isolation between networks of different security levels together with a hardware and software system for moderate, controlled data exchange, but such gateways are expensive and troublesome to deploy.
Summary of the invention
The object of the invention is to overcome the deficiencies of the prior art by providing a network security system based on an encryption algorithm, applied in a secure box that serves as its carrier, so that during data transmission between the high- and low-security networks the data are encrypted and verified in a uniform way. This keeps the data protected in transit, protects the machines in the high-security network, and effectively improves the security of the text-data ciphertext.
The object is achieved by the following technical solution: a network security system based on an encryption algorithm, comprising a security encryption unit that consists of the following modules.
1. Encryption identifier generation module: applies 1 to n rounds or 1 to n kinds of asymmetric encryption algorithm to the data segment of the socket packet to be sent, producing a fixed-length encryption identifier; n is a natural number.
2. Encryption key generation module: applies 1 to n rounds or 1 to n kinds of asymmetric encryption algorithm to the primary key in the socket packet, producing the encryption key Encryption_key.
3. Encoding-encryption module: applies 1 to n rounds or 1 to n kinds of encoding to Encryption_key, producing the encoded key Encode_Encryption_key.
4. Encryption factor extraction module: decomposes Encode_Encryption_key into several different encryption factors that affect the result of encrypting the text data.
5. Text data encryption module: applies 1 to n rounds or 1 to n kinds of symmetric encryption algorithm to the text-data plaintext according to the encryption factors, producing the text-data ciphertext and thus the newly encrypted socket packet to be sent.
Further, the encryption factors comprise a byte field of a first length in Encode_Encryption_key, used as the key SymmetricEncryption_key of the symmetric encryption algorithm, and a byte field of a second length in Encode_Encryption_key, used as the initialization vector SymmetricEncryption_IV of the symmetric encryption algorithm.
Further, the system also comprises a scrambling module that scrambles the data segment of the encrypted socket packet to be sent.
Preferably, the scrambling comprises shuffling of bytes and repositioning of bytes.
Further, the system also comprises a timestamp generation module that generates a timestamp; the encryption identifier generation module applies the asymmetric encryption operation to the data segment of the socket packet according to the timestamp, producing the encryption identifier.
Further, the timestamp comprises the current timestamp, the previous timestamp and the next timestamp, the previous and next timestamps being the two timestamps adjacent to the current one before and after it; the encryption identifier generation module applies the asymmetric encryption operation to the data segment according to each of these three timestamps, producing the encryption identifier.
In the present invention the system also comprises a security verification unit, which comprises an encryption identifier check module: when the low-security network sends a socket packet to the high-security network, the encryption identifier check module checks whether the packet to be received carries the encryption identifier; if it does, the packet is judged legitimate, otherwise an alarm log entry is written and the packet is discarded.
Further, the security verification unit comprises an address check module: the source port address and the destination port address in the packet header are checked as a pair, and socket packets whose source/destination port pair does not match are filtered out.
A secure box comprising the above network security system based on an encryption algorithm: one end of the secure box is connected to the low-security network through a network interface, and the other end to the high-security network through a USB interface.
The beneficial effects of the invention are:
1) Both the high-security and the low-security network use the proposed network security system, so the packets to be received are encrypted and verified uniformly, achieving maximum reuse; encryption algorithms need not be integrated again into each department's software modules, overcoming duplicated development and uneven quality.
2) The address check module filters out most invalid traffic at the network level, and the encryption identifier check module keeps malicious requests such as DDoS attacks from entering the high-security network and reaching the protected machines.
3) The proposed encryption method gives protected transmission and resists network sniffing: even if the data are sniffed, no information is leaked. Depending on the application scenario, security and performance requirements, 1 to n rounds or 1 to n kinds of asymmetric and symmetric encryption algorithm can be selected, raising the complexity of the key, increasing key strength, preventing weak-key problems, increasing the complexity of the encryption factors and improving the security of the text-data ciphertext.
4) Scrambling also prevents targeted tools from cracking the algorithm.
5) The secure box replaces the security isolation gateway of the prior art. It connects to the low-security network through a network interface and to the high-security network through a USB interface, so wiring is simple and deployment easy; the box is simple in structure and low in cost. When the high-security network transmits to the low-security network, the secure box's algorithm encrypts the data so that an attacker on the low-security network cannot crack it, protecting the high-security network's data; when the low-security network transmits to the high-security network, only packets carrying the encryption identifier pass and everything else is blocked, keeping the high-security network's data clean.
Brief description of the drawings
Fig. 1 is the block diagram of the security encryption unit of the invention;
Fig. 2 is the block diagram of the security verification unit of the invention;
Fig. 3 is the flow diagram of the encryption method of the invention;
Fig. 4 is the block diagram of the network security system of the invention;
Fig. 5 is the first structural drawing of the secure box of the invention;
Fig. 6 is the second structural drawing of the secure box of the invention;
Fig. 7 is the block diagram of the core circuit of the secure box of the invention.
In the figures: 1 housing, 2 USB interface, 3 network interface, 4 power indicator, 5 communication-link indicator, 6 power connector, 7 switch, 8 reset button.
Detailed description of the invention
The technical solution of the invention is described in further detail below with reference to the drawings, but the scope of protection is not limited to what follows.
A network security system based on an encryption algorithm comprises a security encryption unit and a security verification unit. When the high-security network sends a socket packet to the low-security network, the security encryption unit encrypts the packet to be sent; when the low-security network sends a socket packet to the high-security network, the security verification unit verifies the packet to be received. The format of a socket packet is header + data segment; the header may be an IP header, a UDP header or a TCP header, and the data segment comprises the encryption identifier and the text data. The encryption identifier is a fixed-length byte string (for example 20 bytes) that the encryption identifier generation module places in the data segment of the socket packet to be sent.
(1) Security encryption unit
As shown in Fig. 1, the security encryption unit of the invention comprises the following modules:
1. Encryption identifier generation module: applies 1 to n rounds or 1 to n kinds of asymmetric encryption algorithm to the data segment of the socket packet to be sent, producing a fixed-length encryption identifier.
2. Encryption key generation module: applies 1 to n rounds or 1 to n kinds of asymmetric encryption algorithm to the primary key in the socket packet, producing the encryption key Encryption_key, which forms a new encryption identifier; n is a natural number.
3. Encoding-encryption module: applies 1 to n rounds or 1 to n kinds of encoding to Encryption_key, producing the encoded key Encode_Encryption_key.
Encoding further increases the complexity and strength of the key and prevents weak-key problems; 1 to n rounds or 1 to n kinds of encoding can be selected according to the application scenario, security and performance requirements, further increasing the complexity of the encryption factors.
4. Encryption factor extraction module: decomposes Encode_Encryption_key into several different encryption factors that affect the result of encrypting the text data.
Further, the encryption factors comprise a byte field of a first length in Encode_Encryption_key, used as the key SymmetricEncryption_key of the symmetric encryption algorithm, and a byte field of a second length in Encode_Encryption_key, used as the initialization vector SymmetricEncryption_IV of the symmetric encryption algorithm.
5. Text data encryption module: applies 1 to n rounds or 1 to n kinds of symmetric encryption algorithm to the text-data plaintext according to the encryption factors, producing the text-data ciphertext and thus the newly encrypted socket packet to be sent.
6. Scrambling module: scrambles the data segment of the encrypted socket packet to be sent.
Further, the scrambling comprises shuffling of bytes and repositioning of bytes.
7. Timestamp generation module: generates a timestamp; the encryption identifier generation module applies the asymmetric encryption operation to the data segment of the socket packet according to the timestamp, producing the encryption identifier.
Further, when the asymmetric encryption operation is applied to the data segment according to the timestamp, the timestamps of the three parties, the secure box, the high-security network and the low-security network, must agree. To allow for errors at boundary values, the invention tolerates a suitable time difference between the three parties: the timestamp may comprise the current timestamp, the previous timestamp and the next timestamp (the two adjacent to the current one before and after it), and the encryption identifier generation module applies 1 to n rounds or 1 to n kinds of asymmetric encryption algorithm to the data segment according to each of these three timestamps to obtain the encryption identifier.
Correspondingly, after receiving the encrypted socket packet, the receiver must use the corresponding encryption algorithm to decrypt and verify the encryption identifier. In the verification of the identifier, the corresponding 1 to n rounds or 1 to n kinds of symmetric encryption algorithm are selected according to the timestamp for decryption and comparison, yielding verification data; if the verification data match the encryption key Encryption_key, the packet's encryption identifier is legitimate.
Further, if the timestamp comprises the current, previous and next timestamps, decryption and comparison are performed on the data segment for each of the three timestamps; as long as one verification result matches Encryption_key, the packet's encryption identifier is judged legitimate.
For performance, the decryption and comparison can be done first with the current timestamp and, only if that fails, with the two adjacent timestamps.
(2) Security verification unit
As shown in Fig. 2, the security verification unit of the invention comprises the following modules:
1. Encryption identifier check module: when the low-security network sends a socket packet to the high-security network, the encryption identifier check module checks whether the packet to be received carries the encryption identifier; if it does, the packet is judged legitimate, otherwise an alarm log entry is written and the packet is discarded.
2. Address check module: before the encryption identifier check module verifies a packet to be transmitted, the address check module checks the source port address and the destination port address in the packet header as a pair and filters out packets whose source/destination port pair does not match.
In the present invention the encryption identifier check module prevents malicious requests such as DDoS attacks from entering the high-security network: because the attacker does not know how the secure box derives the encryption identifier, the attacker cannot reproduce it, and because the attacker does not know how the identifier is checked, the attacker cannot respond to the check, so these attacks are filtered out at the identifier check. The address check module filters out most invalid traffic already at the network level.
(3) Operating principle
The proposed network security system is applied in a secure box that is small and easy to deploy. When the high-security network transmits to the low-security network, the system's algorithm encrypts the data so that an attacker on the low-security network cannot crack it, protecting the high-security network's data; when the low-security network transmits to the high-security network, only packets carrying the encryption identifier pass and everything else is blocked, keeping the high-security network's data clean.
(1) As shown in Fig. 3, when the high-security network sends a socket packet to the low-security network through the secure box, encryption proceeds as follows.
S1. The timestamp generation module generates a timestamp and the encryption identifier is obtained: the encryption identifier generation module applies 1 to n rounds or 1 to n kinds of asymmetric encryption algorithm, according to the timestamp, to the data segment of the socket packet to be sent, producing a fixed-length encryption identifier.
The asymmetric encryption algorithms here include hash algorithms (the description groups hash functions with the asymmetric algorithms): 1 to n rounds or 1 to n kinds of hash algorithm can be applied to the data segment to produce a hash signature, which is the encryption identifier.
S2. The encryption key generation module applies 1 to n rounds or 1 to n kinds of asymmetric encryption algorithm, according to the timestamp, to the primary key in the socket packet, producing the encryption key Encryption_key; Encryption_key overwrites the primary key and forms the new encryption identifier.
For example, with a hash algorithm, the resulting Encryption_key is the hashed key Hash_key.
S3. The encoding-encryption module applies 1 to n rounds or 1 to n kinds of encoding to Hash_key, producing the encoded key Encode_Encryption_key.
For example, with Base64 encoding, the resulting Encode_Encryption_key is the encoded key BASE64_Hash_key.
S4. The encryption factor extraction module decomposes Encode_Encryption_key into several different encryption factors that affect the encryption result. They comprise a byte field of a first length in the encoded key used as the key of the symmetric encryption algorithm, for example the first 32 characters of the encoded key as the key AES_key of the symmetric algorithm (including the AES symmetric encryption algorithm), and a byte field of a second length in the encoded key used as the initialization vector of the symmetric algorithm, for example the last 16 characters of the encoded key as the vector AES_IV of the AES symmetric encryption algorithm.
S5. The text data encryption module applies, according to the encryption factors comprising the key AES_key and the vector AES_IV, 1 to n rounds or 1 to n kinds of symmetric encryption algorithm (including AES) to the text-data plaintext, producing the text-data ciphertext; the ciphertext overwrites the plaintext to form the new text-data field, giving the newly encrypted socket packet. Transmission is thus protected: even if the data are sniffed, no information is leaked, and the receiver decrypts with the corresponding algorithm (for example AES). Multiple symmetric encryption operations may be applied to the plaintext depending on the application scenario, the overall computational cost and the required cipher strength.
S6. The scrambling module scrambles the data segment of the encrypted socket packet to be sent, including shuffling and repositioning of bytes, to prevent targeted tools from cracking the algorithm.
(2) When the low-security network sends a socket packet to the high-security network through the secure box, verification proceeds as follows.
S1. The address check module checks the source port address and the destination port address in the packet header as a pair and filters out packets whose source/destination port pair does not match, discarding most invalid traffic at the network level.
S2. The encryption identifier check module checks whether the data segment of the packet to be transmitted carries the encryption identifier: the encryption operation may be performed separately for the three timestamps, yielding three verification values, and as long as one of them matches the encryption identifier the packet is legitimate; otherwise an alarm log entry is written and the received packet is discarded.
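The two procedures above, the high-to-low encryption steps S1 to S6 and the low-to-high checks with the three-timestamp tolerance described under the timestamp module, as one added example in Go. This is editor-supplied code, not the patent's or Chengdu Sobey's implementation, and it fixes the choices the description leaves open (each marked as an assumption in the code): SHA-256 keyed with the shared primary key as the hash step, Base64 as the encoding step, AES-256-CBC with the first 32 and last 16 characters of the encoded key as AES_key and AES_IV, a key-dependent byte rotation as the scrambling step, a 20-byte identifier, and timestamps counted in whole minutes. Two deliberate departures from the page's ordering: the identifier is computed over the ciphertext rather than the plaintext so the receiver verifies before it decrypts (decrypting unverified CBC data is what exposes padding oracles), and the hash is keyed, so that forgery resistance does not depend on the attacker not knowing the derivation, which is what the page's DDoS argument assumes. The code also makes visible a consequence of deriving AES_IV from the key: every packet sent with the same primary key within one timestamp reuses the same IV.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
)

// Assumed parameters, not taken from the patent: HMAC-SHA-256 as the keyed hash step,
// Base64 as the encoding step, AES-256-CBC as the symmetric step, timestamps in whole
// minutes (so the +/-1 window is a minute each side), and a 20-byte identifier.
const markLen = 20

type Packet struct {
	SrcPort, DstPort uint16
	Data             []byte // data segment: identifier || ciphertext, then scrambled
}

// mark is the encryption identifier: a keyed hash over ciphertext and timestamp cut to
// markLen. Keying it makes it a MAC, so security does not rest on the algorithm being secret.
func mark(primaryKey, ct []byte, ts int64) []byte {
	m := hmac.New(sha256.New, primaryKey)
	m.Write(ct)
	fmt.Fprintf(m, "|%d", ts)
	return m.Sum(nil)[:markLen]
}

// deriveFactors follows S2-S4: Encryption_key = hash(primary key, timestamp), encoded
// with Base64; AES_key = first 32 characters, AES_IV = last 16. Both are fixed for one
// key and timestamp, so packets within the same timestamp reuse the IV (a CBC weakness).
func deriveFactors(primaryKey []byte, ts int64) (key, iv []byte) {
	h := sha256.New()
	h.Write(primaryKey)
	fmt.Fprintf(h, "|%d", ts)
	enc := base64.StdEncoding.EncodeToString(h.Sum(nil)) // 44 characters
	return []byte(enc[:32]), []byte(enc[len(enc)-16:])
}

func unpad(b []byte) ([]byte, error) { // PKCS#7; caller guarantees len(b) >= aes.BlockSize
	n := int(b[len(b)-1])
	if n == 0 || n > aes.BlockSize {
		return nil, errors.New("bad padding")
	}
	return b[:len(b)-n], nil
}

// scramble: the byte shuffling/repositioning step as a key-dependent rotation (reversible, no cryptographic strength).
func scramble(key, b []byte, undo bool) []byte {
	k := int(key[0]) % len(b)
	if undo {
		k = len(b) - k
	}
	return append(append([]byte{}, b[k:]...), b[:k]...)
}

// Encrypt is the high-to-low direction (S1-S6) for one packet.
func Encrypt(primaryKey, text []byte, ts int64, src, dst uint16) Packet {
	key, iv := deriveFactors(primaryKey, ts)
	blk, _ := aes.NewCipher(key) // 32-byte key, so no error
	n := aes.BlockSize - len(text)%aes.BlockSize // PKCS#7 padding
	buf := append(append([]byte{}, text...), bytes.Repeat([]byte{byte(n)}, n)...)
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(buf, buf) // in place
	data := append(mark(primaryKey, buf, ts), buf...)
	return Packet{src, dst, scramble(primaryKey, data, false)}
}

// Verify is the low-to-high direction: address-pair check, then the identifier check
// against the current timestamp and, only if that fails, the previous and next ones.
func Verify(primaryKey []byte, p Packet, now int64, allowed map[[2]uint16]bool) ([]byte, error) {
	if !allowed[[2]uint16{p.SrcPort, p.DstPort}] {
		return nil, fmt.Errorf("address check failed: %d->%d", p.SrcPort, p.DstPort)
	}
	if len(p.Data) < markLen+aes.BlockSize || (len(p.Data)-markLen)%aes.BlockSize != 0 {
		return nil, errors.New("malformed data segment")
	}
	data := scramble(primaryKey, p.Data, true)
	got, ct := data[:markLen], data[markLen:]
	for _, ts := range []int64{now, now - 1, now + 1} {
		if !hmac.Equal(got, mark(primaryKey, ct, ts)) {
			continue
		}
		key, iv := deriveFactors(primaryKey, ts)
		blk, _ := aes.NewCipher(key)
		cipher.NewCBCDecrypter(blk, iv).CryptBlocks(ct, ct) // in place
		return unpad(ct)
	}
	return nil, errors.New("encryption identifier check failed, packet dropped")
}

func main() { // constructed sample: one shared key, one allowed port pair, receiver a minute later
	primary, allowed := []byte("constructed shared primary key"), map[[2]uint16]bool{{40000, 9000}: true}
	p := Encrypt(primary, []byte("constructed text data"), 27000000, 40000, 9000)
	fmt.Println(Verify(primary, p, 27000001, allowed))
}
```

Verify returns the reason a packet was dropped (unmatched port pair, malformed segment, or identifier mismatch) so the caller can write the alarm log entry the page calls for; a packet whose timestamp is more than one unit away from the receiver's clock fails the identifier check even though nothing else about it changed, which is the intended effect of the three-timestamp window.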
(4) Secure box
The proposed secure box comprises the above network security system based on an encryption algorithm. As shown in Fig. 4, one end of the secure box is connected to the low-security network through the network interface 3 and the other end to the high-security network through the USB interface 2.
As shown in Fig. 5, the secure box comprises a housing 1 and, inside it, a core circuit for security verification. The housing 1 also carries the USB interface 2 connected to the high-security network and the network interface 3 connected to the low-security network. The secure box is small and easy to deploy and is intended to replace the conventional security isolation gateway.
Further, the housing 1 also carries indicator lamps, comprising a power indicator 4 and a communication-link indicator 5.
Further, as shown in Fig. 6, the housing 1 also carries a power connector 6, connected to the power management module in the core circuit.
Further, the housing 1 also carries a switch 7, which comprises a power switch and a network on/off switch and may be a key switch, a touch switch or a toggle switch.
Further, the housing 1 also carries a reset button 8, connected to the reset circuit in the core circuit.
Further, the housing 1 is a metal housing, which both protects the core circuit well and improves the heat dissipation of the secure box.
Further, as shown in Fig. 7, the core circuit comprises a main control module and, each connected to it, a RAM module, a FLASH module and a clock module; the main control module is also connected to the network interface 3 and the USB interface 2.
Further, the core circuit also comprises a physical network card connected to the main control module and to the network interface 3.
Further, the network interface 3 comprises a WAN network interface.
Further, the USB interface 2 is a USB 3.0 interface.
In the present invention the main control module is the data buffer of the secure box and comprises the security encryption unit and the security verification unit. The security encryption unit comprises, connected in sequence, the encryption identifier generation module, the encryption key generation module, the encoding-encryption module, the text data encryption module and the scrambling module; the encryption identifier generation module is connected to the high-security network and the scrambling module to the low-security network; the security encryption unit also comprises the timestamp generation module connected to the encryption identifier generation module. The security verification unit comprises the address check module and the encryption identifier check module, and the low-security network is connected to the high-security network through the address check module and then the encryption identifier check module.
In the secure box the RAM module is the box's memory, used for data exchange and temporary data storage. The clock module provides a real-time clock. The FLASH module stores the main verification program for the main control module to call. The physical network card lets the secure box operate while connected to the Internet. The WAN network interface connects to the low-security network (the external network) and receives the input data. The USB interface connects to the high-security network (the intranet) and outputs the data that passed verification.
In the present invention the secure box is the device that protects the high-security network when the low-security network transmits data to it. Its main function sits at the ingress of the high-security network: data sent from the low-security network to the high-security network must pass the security verification of the main control module; data that satisfy the protocol rules are allowed into the high-security network, and data in transit are carried as ciphertext; data that do not satisfy the protocol rules are discarded directly, keeping the intranet data clean.

Claims (10)

1. A network security system based on an encryption algorithm, characterized in that it comprises a safety encryption unit, and this safety encryption unit comprises the following modules:
Encryption flag generation module: performs 1 to n rounds, or 1 to n kinds, of asymmetric encryption on the data segment of the Socket message to be sent, obtaining an encryption flag of fixed byte length;
Encryption key generation module: performs 1 to n rounds, or 1 to n kinds, of asymmetric encryption on the primary key `key` carried in the Socket message, obtaining the encryption key Encryption_key;
Coding encryption module: applies 1 to n further rounds, or 1 to n kinds, of coding encryption to the encryption key Encryption_key, obtaining the coded key Encode_Encryption_key;
Encryption factor extraction module: decomposes the coded key Encode_Encryption_key into several different encryption factors that affect the result of encrypting the text data;
Text data encryption module: performs 1 to n rounds, or 1 to n kinds, of symmetric encryption on the text data plaintext according to the encryption factors, obtaining the text data ciphertext and thus the newly encrypted Socket message.
2. The network security system based on an encryption algorithm according to claim 1, characterized in that the encryption factors comprise the symmetric encryption key SymmetricEncryption_key, taken as a field of a first length from the coded key Encode_Encryption_key, and the symmetric encryption initialization vector SymmetricEncryption_IV, taken as a field of a second length from the coded key Encode_Encryption_key.
3. The network security system based on an encryption algorithm according to claim 1, characterized in that the system further comprises a scrambler processing module: it performs scrambling on the data segment of the encrypted Socket message.
4. The network security system based on an encryption algorithm according to claim 3, characterized in that the scrambling comprises byte disturbance and byte positioning.
5. The network security system based on an encryption algorithm according to claim 1, characterized in that the system further comprises a timestamp generation module: the timestamp generation module generates a timestamp, and the encryption flag generation module performs the asymmetric encryption on the data segment of the Socket message according to the timestamp, obtaining the encryption flag.
6. The network security system based on an encryption algorithm according to claim 5, characterized in that the timestamp comprises the current timestamp, the previous timestamp and the next timestamp, where the previous and next timestamps are the two timestamps adjacent to the current timestamp on either side; the encryption flag generation module performs asymmetric encryption on the data segment according to each of these three timestamps, obtaining the encryption flags.
7. The network security system based on an encryption algorithm according to claim 1, characterized in that the system further comprises a safety check unit, and this safety check unit comprises an encryption flag verification module: when the lower-security network sends a Socket message to the high-security network, the encryption flag verification module checks whether the received Socket message carries the encryption flag; if it does, the Socket message is judged to be a legitimate message; otherwise an alarm log record is written and the Socket message is discarded.
8. The network security system based on an encryption algorithm according to claim 1, characterized in that the system further comprises a safety check unit, and this safety check unit comprises an address check module: it checks the source port address and the destination port address in the header of the Socket message as a pair, and filters out Socket messages whose source port address and destination port address do not form a matching pair.
9. A secure box, characterized in that it comprises the network security system based on an encryption algorithm according to any one of claims 1 to 8.
10. The secure box according to claim 9, characterized in that one end of the secure box is connected to the lower-security network through a network interface, and the other end of the secure box is connected to the high-security network through a USB interface.
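The claims above describe a sender-side pipeline (asymmetric protection of a primary key, an encoding step, extraction of a symmetric key and IV from the encoded value, symmetric encryption of the payload, and a fixed-length flag bound to a timestamp) and a receiver-side check (flag verification over three adjacent timestamps, port-pair address check, alarm log and drop). The following Go program is an added example written for this page; it is not code from the patent or from its assignee, and every concrete choice is an assumption: RSA-OAEP to wrap a fresh per-message primary key (standing in for the "encryption key generation" step), SHA-256 as the "coding encryption", AES-128-GCM as the symmetric algorithm with key and nonce taken as two length fields of the digest, and an RSA-PSS signature over timeslot and ciphertext as the "encryption flag". The names `Message`, `PortPair`, `GenerateKeys`, `Seal` and `Open` are mine. One deliberate departure from a literal reading of claim 1: the symmetric key and nonce are derived from the secret primary key rather than from the transmitted `Encryption_key`, because anything derived only from bytes carried in the message could be recomputed by anyone who observes the message.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

type Message struct { // constructed stand-in for the patent's "Socket message"
	SrcPort, DstPort uint16
	EncryptionKey    []byte // fresh per-message primary key, wrapped with the receiver's RSA public key
	Flag             []byte // fixed-length RSA-PSS signature over slot||ciphertext (the "encryption flag")
	Data             []byte // AES-GCM ciphertext of the data segment
}

type PortPair struct{ Src, Dst uint16 } // one permitted (source, destination) pairing

func GenerateKeys() (sender, receiver *rsa.PrivateKey, err error) {
	if sender, err = rsa.GenerateKey(rand.Reader, 2048); err == nil {
		receiver, err = rsa.GenerateKey(rand.Reader, 2048)
	}
	return sender, receiver, err
}

// deriveCipher is the "coding encryption" and "factor extraction" steps: hash the secret
// primary key and split the digest into the AES-128 key (first length field) and the GCM
// nonce (second length field). Safe only because the primary key is fresh for every message.
func deriveCipher(primaryKey []byte) (cipher.AEAD, []byte) {
	d := sha256.Sum256(primaryKey)
	block, _ := aes.NewCipher(d[:16]) // a 16-byte key cannot fail
	gcm, _ := cipher.NewGCM(block)
	return gcm, d[16:28]
}

// flagDigest binds the flag to a time slot and to the ciphertext it protects.
func flagDigest(slot uint64, ct []byte) []byte {
	buf := make([]byte, 8, 8+len(ct))
	binary.BigEndian.PutUint64(buf, slot)
	d := sha256.Sum256(append(buf, ct...))
	return d[:]
}

// Seal is the sender side (the safety encryption unit). slot is the sender's clock in seconds.
func Seal(senderPriv *rsa.PrivateKey, receiverPub *rsa.PublicKey,
	src, dst uint16, slot uint64, plaintext []byte) (*Message, error) {
	primary := make([]byte, 32)
	if _, err := rand.Read(primary); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPub, primary, nil)
	if err != nil {
		return nil, err
	}
	gcm, nonce := deriveCipher(primary)
	ct := gcm.Seal(nil, nonce, plaintext, nil)
	flag, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, flagDigest(slot, ct), nil)
	if err != nil {
		return nil, err
	}
	return &Message{src, dst, wrapped, flag, ct}, nil
}

// Open is the receiver side (the safety check unit); a returned error is the alarm-log reason for dropping.
func Open(receiverPriv *rsa.PrivateKey, senderPub *rsa.PublicKey,
	allowed map[PortPair]bool, now uint64, m *Message) ([]byte, error) {
	if !allowed[PortPair{m.SrcPort, m.DstPort}] { // address check: ports must be a known pair
		return nil, fmt.Errorf("drop: unpaired ports %d->%d", m.SrcPort, m.DstPort)
	}
	verified := false // flag check: accept the previous, current or next slot (now >= 1)
	for _, slot := range []uint64{now - 1, now, now + 1} {
		verified = verified || rsa.VerifyPSS(senderPub, crypto.SHA256, flagDigest(slot, m.Data), m.Flag, nil) == nil
	}
	if !verified {
		return nil, fmt.Errorf("drop: missing or invalid encryption flag from port %d", m.SrcPort)
	}
	primary, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, receiverPriv, m.EncryptionKey, nil)
	if err != nil {
		return nil, fmt.Errorf("drop: cannot unwrap primary key: %v", err)
	}
	gcm, nonce := deriveCipher(primary)
	pt, err := gcm.Open(nil, nonce, m.Data, nil)
	if err != nil {
		return nil, fmt.Errorf("drop: ciphertext rejected: %v", err)
	}
	return pt, nil
}

func main() {
	sender, receiver, _ := GenerateKeys()
	m, _ := Seal(sender, &receiver.PublicKey, 5000, 6000, 1000, []byte("constructed payload"))
	pt, err := Open(receiver, &sender.PublicKey, map[PortPair]bool{{5000, 6000}: true}, 1001, m)
	fmt.Printf("%q %v\n", pt, err)
}
```

Two design points worth noting. The order of checks in `Open` matters: the cheap address check and the flag verification run before any private-key operation or decryption, so a message from an unpaired port or without a valid flag never reaches the unwrap step, which is what keeps the box's incoming side inexpensive to flood. The three-slot window of claim 6 is implemented by verifying against `now-1`, `now` and `now+1` on the receiver rather than trusting a timestamp field in the message, so clock skew of one slot is tolerated while an old captured message fails the check.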
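Claims 3 and 4 add a scrambling step (byte positioning) on the already encrypted data segment. The Go program below is an added example of what a reversible byte-positioning step looks like; it is not the patent's own scrambler, and it assumes (my choice, not the page's) that the permutation is seeded from the session's coded key so that only a holder of that key can restore the order. The names `permutation`, `Scramble` and `Unscramble` are mine, and the byte-disturbance half of claim 4 is not modelled.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/rand"
)

// permutation derives a deterministic byte-position permutation of length n from a seed.
// Assumption for this example: the seed is the session's coded key (not stated in the patent).
func permutation(seed []byte, n int) []int {
	d := sha256.Sum256(seed)
	r := rand.New(rand.NewSource(int64(binary.BigEndian.Uint64(d[:8]))))
	p := make([]int, n)
	for i := range p {
		p[i] = i
	}
	r.Shuffle(n, func(i, j int) { p[i], p[j] = p[j], p[i] })
	return p
}

// Scramble moves byte i of the segment to position p[i] ("byte positioning").
func Scramble(seed, segment []byte) []byte {
	p := permutation(seed, len(segment))
	out := make([]byte, len(segment))
	for i, b := range segment {
		out[p[i]] = b
	}
	return out
}

// Unscramble inverts Scramble when given the same seed.
func Unscramble(seed, scrambled []byte) []byte {
	p := permutation(seed, len(scrambled))
	out := make([]byte, len(scrambled))
	for i := range out {
		out[i] = scrambled[p[i]]
	}
	return out
}

func main() {
	seed := []byte("constructed coded key")
	s := Scramble(seed, []byte("constructed ciphertext segment"))
	fmt.Printf("%x\n%q\n", s, Unscramble(seed, s))
}
```

A permutation is a bijection on positions, so it preserves the multiset of bytes and is undone exactly by anyone who can reproduce the seed; it adds no confidentiality beyond what the underlying cipher provides and should be applied only to ciphertext that is already authenticated, as in claim 3, never in place of encryption.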
CN201510592288.0A 2015-09-17 2015-09-17 A kind of network safety system and secure box based on Encryption Algorithm Active CN105610774B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510592288.0A CN105610774B (en) 2015-09-17 2015-09-17 A kind of network safety system and secure box based on Encryption Algorithm


Publications (2)

Publication Number Publication Date
CN105610774A true CN105610774A (en) 2016-05-25
CN105610774B CN105610774B (en) 2018-11-20



Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant