CN106487804A - Cloud encryption authentication platform and method for establishing it

Publication number
CN106487804A
Authority
CN
China
Prior art keywords
service server
cloud
host
enterprise
encryption machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611012563.8A
Other languages
Chinese (zh)
Inventor
季有为
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xindian Zhilian (Beijing) Technology Co., Ltd.
Original Assignee
Nantong Core Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nantong Core Technology Co Ltd
Priority to CN201611012563.8A
Publication of CN106487804A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/50 Network services
    • H04L67/56 Provisioning of proxy services
    • H04L67/567 Integrating service provisioning from a plurality of service providers
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks

Abstract

The invention discloses a cloud encryption authentication platform comprising a client, a cloud virtual host and several hosted machine rooms. The cloud virtual host includes a cloud firewall and a service server; each hosted machine room includes an enterprise encryption machine and a router. The client sends service requests to the service server on the cloud virtual host and receives the response data of the cloud service server. The enterprise encryption machine is isolated from the external network and is connected by wire to a dedicated router in the hosted machine room; the router establishes a secure connection to the service server in the cloud virtual host by setting up a VPN, so that the service server can call the authentication, encryption and decryption functions of the encryption machine. The invention can serve the applications of multiple enterprises at the same time: the client and the service server connect seamlessly to the encryption machine, while the security of each enterprise's own private cryptographic material is preserved.

Description

Cloud encryption authentication platform and method for establishing it
Technical field
The invention belongs to the technical field of encryption and authentication systems. Specifically, it converts traditional encryption and authentication services into a cloud encryption authentication platform.
Background
In the anti-counterfeiting authentication field, for security reasons, the traditional approach is for each enterprise to have its own independent service server and encryption machine, deployed in its own hosted machine room and isolated from the external network to ensure security; the block diagram is shown in Fig. 1. In the traditional scheme, because the encryption machine must be physically isolated from the external network, the enterprise's service server and encryption machine must both be placed in the hosted machine room and connected over an intranet. The service server then exposes its services to the outside through a firewall. The drawback of this approach is that, because the service server and the encryption machine must be connected over a physical LAN, enterprises cannot share one unified service server, nor can they deploy their own service servers on cloud virtual machines.
Summary of the invention
The technical problem to be solved by the invention is to provide a cloud encryption authentication platform that can serve the applications of multiple enterprises at the same time.
To solve the above technical problem, the invention adopts the following technical scheme: a cloud encryption authentication platform comprising a client, a cloud virtual host and several hosted machine rooms. The cloud virtual host includes a cloud firewall and a service server; each hosted machine room includes an enterprise encryption machine and a router. The client sends service requests to the service server on the cloud virtual host and receives the response data of the cloud service server. The enterprise encryption machine is isolated from the external network and is connected by wire to a dedicated router in the hosted machine room; the router establishes a secure connection to the service server in the cloud virtual host by setting up a VPN, so that the service server can call the authentication, encryption and decryption functions of the encryption machine.
The method for establishing the cloud encryption authentication platform of the invention comprises the following steps:
(1) The service server is deployed in the cloud; the enterprise application client sends service requests to the cloud service server and receives the response data of the service server on the cloud virtual host;
(2) The enterprise's security authentication encryption machine is placed in the enterprise's private physical machine room, isolated from the external network; the enterprise encryption machine is connected by wire to a dedicated router in the machine room;
(3) The dedicated router establishes a secure connection to the service server on the cloud virtual host by setting up a VPN, so that the service server can call the authentication, encryption and decryption functions of the encryption machine;
(4) With the service server placed in the cloud, multiple enterprises can share one service platform and are distinguished by an account permission system, thereby establishing a cloud encryption authentication platform.
Beneficial effects of the invention: the service server is deployed uniformly in the cloud, so it can serve the applications of multiple enterprises at the same time. Each enterprise's encryption machine is deployed in that enterprise's own hosted machine room to ensure the cryptographic security of each enterprise. Each enterprise's encryption machine connects to the cloud service server over a VPN initiated by the router it is attached to, which ensures channel security.
Description of the drawings
Fig. 1 is a block diagram of a traditional anti-counterfeiting authentication platform.
Fig. 2 is a block diagram of the authentication platform of the invention.
Detailed description
The technical scheme is described in detail below with reference to the accompanying drawings.
The cloud encryption authentication platform comprises a client, a cloud virtual host and several hosted machine rooms. The cloud virtual host includes a cloud firewall and a service server; each hosted machine room includes an enterprise encryption machine and a router. The client sends service requests to the service server on the cloud virtual host and receives the response data of the cloud service server. The enterprise encryption machine is isolated from the external network and is connected by wire to a dedicated router in the hosted machine room; the router establishes a secure connection to the service server in the cloud virtual host by setting up a VPN, so that the service server can call the authentication, encryption and decryption functions of the encryption machine.
The method for establishing the cloud encryption authentication platform of the invention comprises the following steps:
(1) The service server is deployed in the cloud; the enterprise application client sends service requests to the cloud service server and receives the response data of the service server on the cloud virtual host;
(2) The enterprise's security authentication encryption machine is placed in the enterprise's private physical machine room, isolated from the external network; the enterprise encryption machine is connected by wire to a dedicated router in the machine room;
(3) The dedicated router establishes a secure connection to the service server on the cloud virtual host by setting up a VPN, so that the service server can call the authentication, encryption and decryption functions of the encryption machine;
(4) With the service server placed in the cloud, multiple enterprises can share one service platform and are distinguished by an account permission system, thereby establishing a cloud encryption authentication platform.
The embodiment described above only describes a preferred embodiment of the invention and does not limit the concept and scope of the invention. Without departing from the design concept of the invention, all modifications and improvements made to the technical scheme of the invention by a person of ordinary skill in the art shall fall within the protection scope of the invention. The technical content claimed by the invention is fully set out in the claims.

Claims (2)

1. A cloud encryption authentication platform, characterized in that it comprises a client, a cloud virtual host and several hosted machine rooms; the cloud virtual host includes a cloud firewall and a service server; each hosted machine room includes an enterprise encryption machine and a router; the client sends service requests to the service server on the cloud virtual host and receives the response data of the cloud service server; the enterprise encryption machine is isolated from the external network and is connected by wire to a dedicated router in the hosted machine room, and the router establishes a secure connection to the service server in the cloud virtual host by setting up a VPN, so that the service server can call the authentication, encryption and decryption functions of the encryption machine.
2. A method for establishing a cloud encryption authentication platform, characterized in that it comprises the following steps:
(1) The service server is deployed in the cloud; the enterprise application client sends service requests to the cloud service server and receives the response data of the service server on the cloud virtual host;
(2) The enterprise's security authentication encryption machine is placed in the enterprise's private physical machine room, isolated from the external network; the enterprise encryption machine is connected by wire to a dedicated router in the machine room;
(3) The dedicated router establishes a secure connection to the service server on the cloud virtual host by setting up a VPN, so that the service server can call the authentication, encryption and decryption functions of the encryption machine;
(4) With the service server placed in the cloud, multiple enterprises can share one service platform and are distinguished by an account permission system, thereby establishing a cloud encryption authentication platform.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611012563.8A CN106487804A (en) 2016-11-17 2016-11-17 Cloud encryption authentication platform and method for establishing it

Publications (1)

Publication Number Publication Date
CN106487804A (en) 2017-03-08

Family

ID=58272530

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 226300 Xinxing mansion 25, Central Road, Nantong economic and Technological Development Zone, Jiangsu 711

Applicant after: Jiangsu Corp science and Technology Co., Ltd.

Address before: 226300 Xinxing mansion 25, Central Road, Nantong economic and Technological Development Zone, Jiangsu 711

Applicant before: Nantong core technology Co., Ltd.

TA01 Transfer of patent application right

Effective date of registration: 20190326

Address after: 100096 Unit 1 508, Unit 5, 99 Yuexiu Road, Haidian District, Beijing

Applicant after: Xindian Zhilian (Beijing) Technology Co., Ltd.

Address before: 226300 Xinxing mansion 25, Central Road, Nantong economic and Technological Development Zone, Jiangsu 711

Applicant before: Jiangsu Corp science and Technology Co., Ltd.

RJ01 Rejection of invention patent application after publication

Application publication date: 20170308