CN106961439A - A kind of HTTPS encrypted transmission methods and device - Google Patents
A kind of HTTPS encrypted transmission methods and device Download PDFInfo
- Publication number
- CN106961439A CN106961439A CN201710209940.5A CN201710209940A CN106961439A CN 106961439 A CN106961439 A CN 106961439A CN 201710209940 A CN201710209940 A CN 201710209940A CN 106961439 A CN106961439 A CN 106961439A
- Authority
- CN
- China
- Prior art keywords
- access request
- request message
- https
- message
- client device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0485—Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Abstract
The application provides a kind of HTTPS encrypted transmission methods and device.In the application, HTTPS service-specific equipments are after the access request message of client device transmission is received, whether can determine that in the message includes HTTPS service keywords, if do not included, then HTTPS redirection messages are returned to client device, so that its transmission includes the access request message of HTTPS service keywords, the encrypted transmission of data between client device and Web server is thereby guaranteed that, the security of data transfer is ensured.
Description
Technical field
The application is related to network communication technology field, more particularly to a kind of HTTPS encrypted transmission methods and device.
Background technology
For data transfer risk, client device and the Web server both sides one such as avoid data tampering, privacy of user from stealing
As by install corresponding HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer,
HTTP on the basis of SSL) associated component, to realize the encrypted transmission of data.
And for some small-sized Web servers, such as Campus Network Server, it is contemplated that encryption and decryption computing extremely consumes
Take the situation of the valuable processor resource of server, HTTPS service-specific equipments typically can be used and are carried out to substitute Web server
The encryption and decryption computing of data.But its deficiency is, user is when carrying out server access, it is necessary to be manually entered this clothes of HTTPS
Keyword is engaged in enable the data encrypting and deciphering function of special equipment, and when the service keyword of user input is HTTP or omission
During the input of service keyword, the access request of user directly will be pass-through to Web server by special equipment, that is to say, that
In this case, the encrypted transmission of data is not realized between client device and Web server, and this will be to be passed data
Bury the transmission hidden danger for being maliciously tampered or stealing.
The content of the invention
In view of this, the application provides a kind of HTTPS encrypted transmission methods and device, with when the service key of user input
Word is HTTP or during the input for omitting service keyword, it is to avoid by biography data to bury the transmission that is maliciously tampered or steals hidden
Suffer from.
According to the first aspect of the embodiment of the present application there is provided a kind of HTTPS encrypted transmission methods, applied to HTTPS services
Special equipment, methods described includes:
Receive message;
Whether judge received message is access request message that client device is sent;
When the message received is the access request message that client device is sent, determine in access request message whether
Including HTTP service keyword;
If it is, returning to HTTPS redirection messages to the client device, include so that client device is sent
The access request message of HTTPS service keywords;
After the access request message including HTTPS service keywords of client device transmission is received, to the access
Request message is decrypted, and the access request message after decryption is sent to Web server.
According to the second aspect of the embodiment of the present application there is provided a kind of HTTPS encrypted transmissions device, applied to HTTPS services
Special equipment, described device includes:
Receiving unit, for receiving message;
Judging unit, for judging whether received message is access request message that client device is sent;
HTTP determining units, for when the message received be client device send access request message when, it is determined that
Whether include HTTP service keyword in access request message;
Returning unit, for when access request message includes HTTP service keyword, being returned to the client device
HTTPS redirection messages are returned, so that client device, which is sent, includes the access request message of HTTPS service keywords;
Decryption unit, for receive client device transmission include the access request report of HTTPS service keywords
Wen Hou, the access request message is decrypted;
Transmitting element, for the access request message after decryption to be sent to Web server.
In the application, HTTPS service-specific equipments, can be true after the access request message of client device transmission is received
Whether include HTTPS service keywords in the fixed message, if do not included, return to HTTPS to client device and redirect report
Text, so that its transmission includes the access request message of HTTPS service keywords, thereby guarantees that client device and Web server
Between data encrypted transmission, ensure data transfer security.
Brief description of the drawings
Fig. 1 is the schematic diagram of a scenario of the application HTTPS encrypted transmission methods;
Fig. 2 is a kind of flow chart of HTTPS encrypted transmission methods of the application;
Fig. 3 is a kind of one embodiment flow chart of HTTPS encrypted transmission methods of the application;
Fig. 4 is a kind of the first structure chart of HTTPS encrypted transmissions device of the application;
Fig. 5 is a kind of second of structure chart of HTTPS encrypted transmissions device of the application;
Fig. 6 is a kind of the third structure chart of HTTPS encrypted transmissions device of the application;
Fig. 7 is a kind of the 4th kind of structure chart of HTTPS encrypted transmissions device of the application.
Embodiment
Here exemplary embodiment will be illustrated in detail, its example is illustrated in the accompanying drawings.Following description is related to
During accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represent same or analogous key element.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended
The example of the consistent apparatus and method of some aspects be described in detail in claims, the application.
It is the purpose only merely for description specific embodiment in term used in this application, and is not intended to be limiting the application.
" one kind ", " described " and "the" of singulative used in the application and appended claims are also intended to including majority
Form, unless context clearly shows that other implications.It is also understood that term "and/or" used herein refers to and wrapped
It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application
A little information should not necessarily be limited by these terms.These terms are only used for same type of information being distinguished from each other out.For example, not departing from
In the case of the application scope, the first information can also be referred to as the second information, similarly, and the second information can also be referred to as
One information.Depending on linguistic context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determining ".
Referring to Fig. 1, Fig. 1 is the schematic diagram of a scenario of the application HTTPS encrypted transmission methods.The schematic diagram can include:Visitor
Family end equipment, Web server and HTTPS service-specific equipments, wherein, client device and HTTPS service-specific equipments it
Between, link is had between HTTPS service-specific equipments and Web server, and between client device and Web server
Connection.Under normal circumstances, it is data transfer risk, client device and the Web service such as avoid data tampering, privacy of user from stealing
Device both sides are general by installing corresponding HTTPS associated components, to realize the encrypted transmission of data.And it is small-sized for some
For Web server, such as Campus Network Server, it is contemplated that encryption and decryption computing extremely expends the valuable processor resource of server
Situation, and the corresponding HTTPS associated components of required installation may also possess certain security breaches in itself, so generally
The encryption and decryption computing that Web server carries out data is substituted from HTTPS service-specific equipments.
It is done so that deficiency be, user carry out server access when, it is necessary to be manually entered this service of HTTPS
Keyword enables the data encrypting and deciphering function of special equipment, and when user input service keyword is HTTP or omit clothes
During the input of business keyword, the access request of user directly will be pass-through to Web server by special equipment, that is to say, that at this
In the case of kind, the encrypted transmission of data is not realized between client device and Web server, and this will be buried to be passed data
Under the transmission hidden danger that is maliciously tampered or steals.
In view of this, the application provides a kind of HTTPS encrypted transmission methods and device, with when the service key of user input
Word is HTTP or during the input for omitting service keyword, it is to avoid by biography data to bury the transmission that is maliciously tampered or steals hidden
Suffer from.
In order that those skilled in the art more fully understand the technical scheme in the embodiment of the present application, and make the application real
Applying the above-mentioned purpose of example, feature and advantage can be more obvious understandable, below in conjunction with the accompanying drawings to technical side in the embodiment of the present application
Case is described in further detail.
Referring to Fig. 2, Fig. 2 is a kind of flow chart of HTTPS encrypted transmission methods of the application, and the flow chart can include following
Step:
Step 201:HTTPS service-specific equipments receive message.
This method embodiment is applied to HTTPS service-specific equipments.
Step 202:Whether judge received message is access request message that client device is sent.If it is,
Perform step 203.
In this method embodiment, the source IP address that HTTPS service-specific equipments can include according to the message received
Whether determine received message is access request message that client device is sent.
Step 203:Determine whether include HTTP service keyword in access request message.If it is, performing step
204。
In this method embodiment, before this step 203 is performed, HTTPS service-specific equipments can determine step first
The mark of included website to be visited whether there is in the access list being pre-configured with access request message in 202,
In the presence of the mark of website to be visited included in access request message is in the access list being pre-configured with, this step is performed
Rapid 203;And when the mark of website to be visited included in access request message is not present in the access list being pre-configured with
When, then can be by access request message transmission to Web server.
In this method embodiment, when not including HTTP service keyword in access request message, HTTPS services are special to be set
It is standby to can determine that in the access request message whether include HTTPS service keywords, when the access request message includes HTTPS clothes
During business keyword, then the access request message is decrypted, and the access request message after decryption is sent to Web service
Device;And when not including HTTPS service keywords in the access request message, then take the access request message transmission to Web
Business device.
Step 204:HTTPS redirection messages are returned to client device, so that client device, which is sent, includes HTTPS clothes
The access request message of business keyword.
In this method embodiment, it for the explanation of this step, will in the examples below be illustrated, wouldn't go to live in the household of one's in-laws on getting married herein
State.
Step 205:After the access request message including HTTPS service keywords of client device transmission is received,
The access request message is decrypted, the access request message after decryption is sent to Web server.
In this method embodiment, it for the explanation of this step, will in the examples below be illustrated, wouldn't go to live in the household of one's in-laws on getting married herein
State.
HTTPS service-specific equipments are receiving the visit of client device transmission it can be seen from above method embodiment
Ask after access request message, it may be determined that whether include HTTPS service keywords in the message, if do not included, to client
Equipment returns to HTTPS redirection messages, so that its transmission includes the access request message of HTTPS service keywords, thereby guarantees that
The encrypted transmission of data between client device and Web server, ensures the security of data transfer.
Referring to Fig. 3, Fig. 3 is a kind of one embodiment flow chart of HTTPS encrypted transmission methods of the application.With the above method
Unlike embodiment, the present embodiment will be illustrated with reference to specific example to part steps, be anticipated with stronger practical operation
Justice, specifically, the present embodiment may comprise steps of:
Step 301:HTTPS service-specific equipments receive message.
The present embodiment is applied to HTTPS service-specific equipments.It will be appreciated by persons skilled in the art that HTTPS is serviced
The alternative Web server of special equipment is set up SSL with client device and is connected or TLS (Transport Layer
Security, Transport Layer Security) connection, so as to after the message including HTTPS service keywords is received, be carried out to the message
Decryption, and the message after decryption is sent to Web server, and closed in the HTTP service that includes for receiving Web server transmission
After the message of key word, then the message can be encrypted, and the message after encryption is sent to client device.
Step 302:Whether judge received message is access request message that client device is sent.If it is,
Perform step 303.
In the present embodiment, the source IP address that HTTPS service-specific equipments can include according to the message received determines institute
The message of reception whether be client device send access request message.It will be appreciated by persons skilled in the art that HTTPS
Service-specific equipment can have the table to be checked of client device IP address and server ip address locally pre-saving a record,
The table to be checked can be obtained by study.When receiving a message, HTTPS service-specific equipments can be by by message
Source IP address is matched with the IP address in table to be checked, to determine that the source IP address is client device IP address or clothes
Be engaged in device IP address, and thereby determine that received message whether be client device send access request message.
Step 303:Determine the mark of website to be visited included in access request message in the Access Column being pre-configured with
It whether there is in table.If it is, performing step 304, step 310 is otherwise performed.
In the present embodiment, the mark for the website that above-mentioned access list record has this HTTPS service-specific equipments to be responsible for
The key associated with the website.It is worthy of note that, HTTPS service-specific equipments may be only to some of Web server
Website carries out the encryption and decryption computing of data, and the corresponding mark in these websites is recorded in list of websites for inquiry.And this
The key of a little websites associations then by HTTPS service-specific equipments with during client device sets up SSL or STL is connected
Consult to obtain, the message data received is encrypted or decrypted.Wherein, data message to be encrypted or
The key of person's decryption is typically different, and the two keys are generally comprised within the digital certificate with website unique association to be visited, but
In view of the specific encryption and decryption computing of the message data involved by the application is not within the scope of the application is claimed, therefore not
Repeat.
In the present embodiment, the mark of website to be visited can by website to be visited domain name unique mark, and according to reality
Situation, above-mentioned domain name can also be IP address or domain name and port numbers or IP address and port numbers etc..
Step 304:Determine whether include HTTP service keyword in access request message.If it is, performing step
305, otherwise perform step 308.
In the present embodiment, if what access request message included is HTTP service keyword, show client device
Transmitted access request message is transmitted in the form of plaintext.Now, in order to ensure follow-up institute's transmitting message content
Security, the access request message can't directly be pass-through to Web server by HTTPS service-specific equipments, but with step
Rapid 305 mode require client device resend including service keyword be HTTPS access request message.
Step 305:HTTPS redirection messages are returned to client device, so that client device, which is sent, includes HTTPS clothes
The access request message of business keyword.
In the present embodiment, after it is determined that the service keyword that access request message includes is HTTP, HTTPS services are special
Equipment can send a feedback message to client device, so that client device is sent for Web by service keyword of HTTPS
The access request message of server.This require client device use with HTTPS service-specific equipments consult in advance it is close
Transmitted access request message is encrypted key, and wherein website is obtained so as to be sent in the form of ciphertext to Web server
The access request message of resource.And when HTTPS service-specific equipments receive Web server with plaintext version return include it is upper
After the request request response message for stating site resource, then request request response message can be encrypted, in the form of ciphertext
Request request response message is back to client device, thus between client device and HTTPS service-specific equipments
Realize the encrypted transmission of data.
Step 306:After the access request message including HTTPS service keywords of client device transmission is received,
The corresponding key of mark of the website to be visited included by the access request message is searched in above-mentioned access list.
In the present embodiment, if it is assumed that the website to be visited that access request message includes is the official website of Tsing-Hua University, and
Assuming that the key associated in list of websites with the website is KEY1, then HTTPS service-specific equipments are inquired in list of websites
List item can be expressed as the form of table 1:
Website logo | Key |
www.tsinghua.edu.cn | KEY1 |
Table 1
Step 307:Utilize found key that the access request message is decrypted, by the access request report after decryption
Text is sent to Web server.
So far, the present embodiment flow can terminate.
Step 308:Determine whether include HTTPS service keywords in access request message.If it is, performing step
309, otherwise perform step 310.
Step 309:The mark correspondence of the website to be visited included by access request message is searched in above-mentioned access list
Key, utilize found key that the access request message is decrypted, by the access request message after decryption send to
Web server.
In the present embodiment, this step 309 is identical with the explanation that step 306 need to be made, therefore does not repeat.
Step 310:By access request message transmission to Web server.
In the present embodiment, if the service key that the access request message that HTTPS service-specific equipments are received includes
Word is neither HTTPS nor HTTP, then can determine that such access request message is not belonging to the report that safe class requires higher
Text, therefore can be directly by the message transmission to Web server.
In the present embodiment, if the message that HTTPS service-specific equipments are received in step 302 is by Web server
The request request response message of transmission, then can determine whether whether the mark for returning to the website of the message deposits in above-mentioned list of websites
, and in the presence of, determine whether include HTTP service keyword in the message, when the message includes HTTP service keyword
When, then the key associated with the website is searched in list of websites, then message is encrypted using the key that this finds,
And send the message after encryption to client device.And be not present in the list of websites website for returning to the message mark or
, then can be directly by the message transmission to visitor when the service keyword that person's message includes is other service keywords such as HTTPS
Family end equipment.
As can be seen from the above embodiments, HTTPS service-specific equipments please in the access for receiving client device transmission
Ask after message, it may be determined that whether include HTTPS service keywords in the message, if do not included, returned to client device
HTTPS redirection messages, so that its transmission includes the access request message of HTTPS service keywords, thereby guarantee that client is set
The encrypted transmission of the standby data between Web server, ensures the security of data transfer.
Corresponding with a kind of foregoing embodiment of HTTPS encrypted transmission methods, present invention also provides a kind of HTTPS encryptions
The embodiment of transmitting device.
Referring to Fig. 4, Fig. 4 is a kind of the first structure chart of HTTPS encrypted transmissions device of the application, and the device is used for
HTTPS service-specific equipments, can include:Receiving unit 410, judging unit 420, HTTP determining units 430, returning unit
440th, decryption unit 450, transmitting element 460.
Wherein, receiving unit 410, for receiving message;
Judging unit 420, for judging whether received message is access request message that client device is sent;
HTTP determining units 430, for when the message received be client device send access request message when, really
Determine whether include HTTP service keyword in access request message;
Returning unit 440, for when access request message includes HTTP service keyword, being returned to client device
HTTPS redirection messages, so that client device, which is sent, includes the access request message of HTTPS service keywords;
Decryption unit 450, for receive client device transmission include the access request of HTTPS service keywords
After message, the access request message is decrypted;
Transmitting element 460, for the access request message after decryption to be sent to Web server.
In the first implementation of present apparatus embodiment, judging unit 420 can be specifically for:According to what is received
Source IP address that message includes determines whether received message is access request message that client device is sent.
In second of implementation of present apparatus embodiment, said apparatus can also include:Mark determining unit 470,
Transparent transmission unit 480, for details, reference can be made to Fig. 5, and Fig. 5 is a kind of second of structure chart of HTTPS encrypted transmissions device of the application.
Wherein, identify determining unit 470, for it is determined that in access request message whether include HTTP service keyword it
Before, determine that the mark of website to be visited included in access request message whether there is in the access list being pre-configured with;
HTTP determining units 430, specifically for the mark when website to be visited included in access request message pre-
In the presence of in the access list first configured, determine whether include HTTP service keyword in access request message;
Transparent transmission unit 480, is being pre-configured with for mark when website to be visited included in access request message
When being not present in access list, by access request message transmission to Web server.
In the third implementation of present apparatus embodiment, device described in above-mentioned second of implementation can be with
Including:HTTPS determining units 490, searching unit 500, for details, reference can be made to Fig. 6, and Fig. 6 is a kind of HTTPS encrypted transmissions of the application
The third structure chart of device.
HTTPS determining units 490, for when not including HTTP service keyword in access request message, it is determined that accessing
Whether include HTTPS service keywords in request message;
Searching unit 500, for when access request message includes HTTPS service keywords, in above-mentioned access list
The middle corresponding key of mark for searching the website to be visited included by access request message;
Then decryption unit 450, are additionally operable to that access request message is decrypted using above-mentioned key;
Transmitting element 460, is additionally operable to send the access request message after decryption to Web server.
In the 4th kind of implementation of present apparatus embodiment, the device corresponding to the first above-mentioned structure chart can also be wrapped
Include:HTTPS determining units 490, transparent transmission unit 480, for details, reference can be made to Fig. 7, and Fig. 7 is a kind of HTTPS encrypted transmissions dress of the application
The 4th kind of structure chart put.
Wherein, HTTPS determining units 490, for when in access request message not include HTTP service keyword when, it is determined that
Whether include HTTPS service keywords in access request message;
Then decryption unit 450, are additionally operable to when access request message includes HTTPS service keywords, to access request
Message is decrypted;
Transmitting element 460, is additionally operable to send the access request message after decryption to Web server;
Transparent transmission unit 480, for when not including HTTPS service keywords in access request message, by access request report
Text is pass-through to Web server.
HTTPS service-specific equipments, which are can be seen that, from apparatus above embodiment is receiving the visit of client device transmission
Ask after request message, it may be determined that whether include HTTPS service keywords in the message, if do not included, to client device
HTTPS redirection messages are returned, so that its transmission includes the access request message of HTTPS service keywords, client are thereby guaranteed that
The encrypted transmission of data between end equipment and Web server, ensures the security of data transfer.
The function of unit and the implementation process of effect specifically refer to correspondence step in the above method in said apparatus
Implementation process, will not be repeated here.
For device embodiment, because it corresponds essentially to embodiment of the method, so related part is real referring to method
Apply the part explanation of example.Device embodiment described above is only schematical, wherein described be used as separating component
The unit of explanation can be or may not be physically separate, and the part shown as unit can be or can also
It is not physical location, you can with positioned at a place, or can also be distributed on multiple NEs.Can be according to reality
Selection some or all of module therein is needed to realize the purpose of application scheme.Those of ordinary skill in the art are not paying
In the case of going out creative work, you can to understand and implement.
The preferred embodiment of the application is the foregoing is only, not to limit the application, all essences in the application
God is with principle, and any modifications, equivalent substitutions and improvements done etc. should be included within the scope of the application protection.
Claims (10)
1. a kind of HTTPS encrypted transmission methods, applied to HTTPS service-specific equipments, it is characterised in that methods described includes:
Receive message;
Whether judge received message is access request message that client device is sent;
When the message received is the access request message that client device is sent, determine whether include in access request message
HTTP service keyword;
If it is, HTTPS redirection messages are returned to the client device, so that client device, which is sent, includes HTTPS
The access request message of service keyword;
After the access request message including HTTPS service keywords of client device transmission is received, to the access request
Message is decrypted, and the access request message after decryption is sent to Web server.
2. according to the method described in claim 1, it is characterised in that described to judge whether received message is client device
The access request message of transmission, including:
Source IP address that message according to being received includes determines whether received message is visit that client device is sent
Ask request message.
3. according to the method described in claim 1, it is characterised in that methods described also includes:
Before it is determined that whether including HTTP service keyword in access request message,
Determine in the access request message mark of included website to be visited in the access list being pre-configured with whether
In the presence of;
If it is present performing the step:Determine whether include HTTP service keyword in access request message;
If it does not exist, then by the access request message transmission to Web server.
4. method according to claim 3, it is characterised in that methods described also includes:
When not including HTTP service keyword in access request message, determine whether include in the access request message
HTTPS service keywords;
If it is, searching the mark correspondence of the website to be visited included by the access request message in the access list
Key;
The access request message is decrypted using the key, the access request message after decryption is sent to Web and taken
Business device.
5. according to the method described in claim 1, it is characterised in that methods described also includes:
When not including HTTP service keyword in access request message, determine whether include in the access request message
HTTPS service keywords;
If it is, the access request message is decrypted, the access request message after decryption is sent to Web service
Device;
If it is not, then by the access request message transmission to Web server.
6. a kind of HTTPS encrypted transmissions device, applied to HTTPS service-specific equipments, it is characterised in that described device includes:
Receiving unit, for receiving message;
Judging unit, for judging whether received message is access request message that client device is sent;
HTTP determining units, for when the message received is the access request message that client device is sent, it is determined that accessing
Whether include HTTP service keyword in request message;
Returning unit, for when access request message includes HTTP service keyword, being returned to the client device
HTTPS redirection messages, so that client device, which is sent, includes the access request message of HTTPS service keywords;
Decryption unit, for receive client device transmission the access request message including HTTPS service keywords after,
The access request message is decrypted;
Transmitting element, for the access request message after decryption to be sent to Web server.
7. device according to claim 6, it is characterised in that the judging unit, specifically for:
Source IP address that message according to being received includes determines whether received message is visit that client device is sent
Ask request message.
8. device according to claim 6, it is characterised in that described device also includes:
Determining unit is identified, for before it is determined that whether including HTTP service keyword in access request message, it is determined that described
The mark of included website to be visited whether there is in the access list being pre-configured with access request message;
The HTTP determining units, specifically for the mark when website to be visited included in the access request message pre-
In the presence of in the access list first configured, determine whether include HTTP service keyword in access request message;
Transparent transmission unit, for the mark when website to be visited included in the access request message in the access being pre-configured with
When being not present in list, by the access request message transmission to Web server.
9. device according to claim 8, it is characterised in that described device also includes:
HTTPS determining units, for when not including HTTP service keyword in access request message, determining the access request
Whether include HTTPS service keywords in message;
Searching unit, for when the access request message includes HTTPS service keywords, being looked into the access list
Look for the corresponding key of mark of the website to be visited included by the access request message;
The decryption unit, is additionally operable to that the access request message is decrypted using the key;
The transmitting element, is additionally operable to send the access request message after decryption to Web server.
10. device according to claim 6, it is characterised in that described device also includes:
HTTPS determining units, for when not including HTTP service keyword in access request message, determining the access request
Whether include HTTPS service keywords in message;
The decryption unit, is additionally operable to when the access request message includes HTTPS service keywords, please to the access
Message is asked to be decrypted;
The transmitting element, is additionally operable to send the access request message after decryption to Web server;
Transparent transmission unit, for when not including HTTPS service keywords in the access request message, by the access request report
Text is pass-through to Web server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710209940.5A CN106961439B (en) | 2017-03-31 | 2017-03-31 | A kind of HTTPS encrypted transmission method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710209940.5A CN106961439B (en) | 2017-03-31 | 2017-03-31 | A kind of HTTPS encrypted transmission method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106961439A true CN106961439A (en) | 2017-07-18 |
CN106961439B CN106961439B (en) | 2019-09-17 |
Family
ID=59483188
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710209940.5A Active CN106961439B (en) | 2017-03-31 | 2017-03-31 | A kind of HTTPS encrypted transmission method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106961439B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107634969A (en) * | 2017-10-26 | 2018-01-26 | 迈普通信技术股份有限公司 | Data interactive method and device |
CN107995188A (en) * | 2017-11-30 | 2018-05-04 | 杭州迪普科技股份有限公司 | A kind of device and method for realizing test equipment and equipment under test data transfer |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020188862A1 (en) * | 2001-03-28 | 2002-12-12 | Trethewey James R. | Method and system for automatic invocation of secure sockets layer encryption on a parallel array of Web servers |
US20060155869A1 (en) * | 2004-12-22 | 2006-07-13 | Slipstream Data Inc. | Browser-plugin based method for advanced HTTPS data processing |
CN101034981A (en) * | 2006-03-07 | 2007-09-12 | 上海品伟数码科技有限公司 | Network access control system and its control method |
CN101119274A (en) * | 2007-09-12 | 2008-02-06 | 杭州华三通信技术有限公司 | Method for improving treatment efficiency of SSL gateway and SSL gateway |
CN102638346A (en) * | 2012-05-12 | 2012-08-15 | 杭州迪普科技有限公司 | Method and device for authorizing subscriber digital certificate |
CN103618743A (en) * | 2013-12-09 | 2014-03-05 | 北京星网锐捷网络技术有限公司 | Service access method, speed-up client, speed-up server and system |
CN105721479A (en) * | 2016-03-02 | 2016-06-29 | 北京网康科技有限公司 | URL filtering method and device |
-
2017
- 2017-03-31 CN CN201710209940.5A patent/CN106961439B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020188862A1 (en) * | 2001-03-28 | 2002-12-12 | Trethewey James R. | Method and system for automatic invocation of secure sockets layer encryption on a parallel array of Web servers |
US20060155869A1 (en) * | 2004-12-22 | 2006-07-13 | Slipstream Data Inc. | Browser-plugin based method for advanced HTTPS data processing |
CN101034981A (en) * | 2006-03-07 | 2007-09-12 | 上海品伟数码科技有限公司 | Network access control system and its control method |
CN101119274A (en) * | 2007-09-12 | 2008-02-06 | 杭州华三通信技术有限公司 | Method for improving treatment efficiency of SSL gateway and SSL gateway |
CN102638346A (en) * | 2012-05-12 | 2012-08-15 | 杭州迪普科技有限公司 | Method and device for authorizing subscriber digital certificate |
CN103618743A (en) * | 2013-12-09 | 2014-03-05 | 北京星网锐捷网络技术有限公司 | Service access method, speed-up client, speed-up server and system |
CN105721479A (en) * | 2016-03-02 | 2016-06-29 | 北京网康科技有限公司 | URL filtering method and device |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107634969A (en) * | 2017-10-26 | 2018-01-26 | 迈普通信技术股份有限公司 | Data interactive method and device |
CN107634969B (en) * | 2017-10-26 | 2020-07-10 | 迈普通信技术股份有限公司 | Data interaction method and device |
CN107995188A (en) * | 2017-11-30 | 2018-05-04 | 杭州迪普科技股份有限公司 | A kind of device and method for realizing test equipment and equipment under test data transfer |
Also Published As
Publication number | Publication date |
---|---|
CN106961439B (en) | 2019-09-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9922207B2 (en) | Storing user data in a service provider cloud without exposing user-specific secrets to the service provider | |
Chu et al. | Security concerns in popular cloud storage services | |
US9537861B2 (en) | Method of mutual verification between a client and a server | |
JP6622196B2 (en) | Virtual service provider zone | |
JP6561149B2 (en) | Technology for managing the privacy of network communications | |
CN104580086A (en) | Information transmission method, client side, server and system | |
US20040236962A1 (en) | Method and apparatus for secure browser-based information service | |
WO2014028757A1 (en) | Secure data exchange using messaging service | |
EP2354996B1 (en) | Apparatus and method for remote processing while securing classified data | |
US20120163598A1 (en) | Session secure web content delivery | |
CN107172001B (en) | Control method and device of website proxy server and key proxy server | |
CN105791451A (en) | Message response method and device | |
CN103220261A (en) | Proxy method, device and system of open authentication application program interface | |
Ban et al. | Fine-grained support of security services for resource constrained internet of things | |
CN106060099A (en) | Data access method and system, and devices | |
CN103634399A (en) | Method and device for realizing cross-domain data transmission | |
CN104348838A (en) | Document management system and method | |
WO2016112580A1 (en) | Service processing method and device | |
CN106961439B (en) | A kind of HTTPS encrypted transmission method and device | |
CN106453399B (en) | A kind of domain name resolution service method and system of user oriented secret protection | |
Gill et al. | Secure remote access to home automation networks | |
Sodagudi et al. | An approach to identify data leakage in secure communication | |
US20140258129A1 (en) | Method, apparatus and system for establishing a secure communications session | |
Breeding | Key Technologies with Implications for Privacy: Encryption, Analytics, and Advertising Tracking | |
CN110519292B (en) | Encoding method for social network, social method, apparatus, device and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210621 Address after: 310051 05, room A, 11 floor, Chung Cai mansion, 68 Tong Xing Road, Binjiang District, Hangzhou, Zhejiang. Patentee after: Hangzhou Dip Information Technology Co.,Ltd. Address before: 6 / F, Zhongcai building, 68 Tonghe Road, Binjiang District, Hangzhou City, Zhejiang Province Patentee before: Hangzhou DPtech Technologies Co.,Ltd. |
|
TR01 | Transfer of patent right |