CN107888543A - Method and system for protecting cluster data security in a distributed cluster environment - Google Patents

Method and system for protecting cluster data security in a distributed cluster environment

Info

Publication number
CN107888543A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610867347.5A
Other languages
Chinese (zh)
Inventor
陶永波
李明津
王斌
田世文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Shenzhouxinyuan System Engineering Co Ltd
Original Assignee
Jiangsu Shenzhouxinyuan System Engineering Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a method and system for protecting cluster data security in a distributed cluster environment. The method comprises: S1, a firewall is provided between the cluster and the data acquirer; the firewall isolates the communication link from the data acquirer to the cluster and opens the communication link between the cluster and the routing and rate-limiting device; S2, when the data acquirer requests cluster data, it must first go to the central authentication platform for identity legitimacy verification; S3, a request that has passed identity legitimacy verification is sent to the cluster through the routing and rate-limiting device; after computing the result, the cluster sends it to the routing and rate-limiting device, which finally delivers it to the data acquirer. The invention can completely isolate the data communication channel between the data acquirer and the cluster data; verify the identity of the data acquiring party in a unified manner; use the central authentication platform to provide unified protection for other clusters or other systems that require identity authentication; and prevent data leakage.

Description

Method and system for protecting cluster data security in a distributed cluster environment
Technical field
The present invention relates to the field of data security, and in particular to a method and system for protecting cluster data security in a distributed cluster environment.
Background
At present, some clusters verify the data acquirer using the official security components; others verify the data acquirer with their own checks. Neither approach isolates the physical communication link between the data acquirer and the cluster, so an illegitimate data acquirer can break through identity verification by masquerading or by brute-forcing the authentication mechanism of the official security component, and thereby obtain data. In addition, because the data acquirer and the cluster lack a session key for encrypting data that is known only to the two parties, data in transit is easily intercepted by a third party, leaking critical data; or a third party illegitimately tampers with the intercepted data and then sends the message on to the data acquirer, making the data transmission insecure.
Summary of the invention
The object of the present invention is to solve the above technical problems by providing a method and system for protecting cluster data security in a distributed cluster environment that can effectively improve the security of data transmission.
To solve the above technical problems, the present invention adopts the following technical solution: a method for protecting data security in a distributed cluster environment, comprising the following steps:
S1, a firewall is provided between the cluster and the data acquirer; the firewall isolates the communication link from the data acquirer to the cluster and opens the communication link between the cluster and the routing and rate-limiting device;
S2, when the data acquirer requests cluster data, it must first go to the central authentication platform for identity legitimacy verification;
S3, a request that has passed the identity legitimacy verification is sent to the cluster through the routing and rate-limiting device; after computing the result, the cluster sends it to the routing and rate-limiting device, which finally delivers it to the data acquirer.
In the aforementioned method for protecting data security in a distributed cluster environment, going to the central authentication platform for identity legitimacy verification in step S2 specifically comprises:
a, the data acquirer sends the list of symmetric algorithms and the list of asymmetric algorithms that it supports to the central authentication platform;
b, the central authentication platform selects one symmetric algorithm and one asymmetric algorithm and returns them to the data acquirer, to determine the encryption and decryption algorithms used between the two;
c, after obtaining the symmetric and asymmetric algorithms, the data acquirer randomly generates an original message and calculates hash value A of the original message, then encrypts that hash value with its own private key using the asymmetric algorithm; finally it sends the original message, the encrypted hash value of the original message, and the digital certificate identifying the data acquirer to the central authentication platform;
d, the central authentication platform decrypts the encrypted hash value to obtain the decrypted hash value, then calculates hash value B of the original message with the hash algorithm, and determines the identity of the data acquirer by comparing hash value A of the original message with hash value B of the original message for consistency.
In the aforementioned method for protecting data security in a distributed cluster environment, the supported symmetric algorithms include DES, 3DES and AES; the asymmetric algorithms include RSA and DSA.
In the aforementioned method for protecting data security in a distributed cluster environment, the central authentication platform decrypts the encrypted hash value as follows: it uses the asymmetric algorithm of step c and the public key extracted from the digital certificate to decrypt the encrypted hash.
In the aforementioned method for protecting data security in a distributed cluster environment, before step S3 the method comprises: if the identity of the data acquirer is determined to be legitimate, the central authentication platform randomly generates a random number as the session key, encrypts it with the public key extracted from the digital certificate, and sends it to the data acquirer.
In the aforementioned method for protecting data security in a distributed cluster environment, before step S3 the method further comprises: if the identity of the data acquirer is determined to be illegitimate, the identity legitimacy verification fails and an authentication failure is reported.
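The exchange of steps a to d and the session-key step, as an added illustration that is not part of the patent text. Assumptions: SHA-256 as the hash algorithm, the platform's preference order, an enrolment table standing in for certificate validation, and all function and field names are hypothetical; the RSA key is a constructed toy key and unpadded RSA is used only to mirror the wording of the steps.

```python
import hashlib
import hmac
import secrets

# Constructed toy RSA key pair (product of two Mersenne primes). Illustration
# only: unpadded "textbook" RSA and a special-form modulus are not secure;
# a deployment would use a vetted library with RSA-PSS and RSA-OAEP.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # data acquirer's private exponent


def key_fingerprint(n, e):
    """Stable identifier for a public key."""
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()


# Hypothetical certificate: subject plus public key. No CA chain is modelled.
CERT = {"subject": "acquirer-01", "n": N, "e": E}
# Assumption: the platform binds each enrolled subject to its public key.
ENROLLED = {"acquirer-01": key_fingerprint(N, E)}
# Assumption: platform preference order, strongest first.
SYM_PREFERENCE = ("AES", "3DES", "DES")
ASYM_PREFERENCE = ("RSA", "DSA")


def select_algorithms(sym_offered, asym_offered):
    """Step b: the platform picks one symmetric and one asymmetric algorithm."""
    sym = next((a for a in SYM_PREFERENCE if a in sym_offered), None)
    asym = next((a for a in ASYM_PREFERENCE if a in asym_offered), None)
    if sym is None or asym is None:
        raise ValueError("no mutually supported algorithm")
    return sym, asym


def acquirer_build_proof(private_d, cert):
    """Step c: random message, hash value A, A encrypted with the private key."""
    message = secrets.token_bytes(32)
    hash_a = hashlib.sha256(message).digest()
    encrypted_hash = pow(int.from_bytes(hash_a, "big"), private_d, cert["n"])
    return {"message": message, "encrypted_hash": encrypted_hash, "cert": cert}


def platform_verify(proof):
    """Step d: recover hash value A with the certificate's public key and
    compare it with hash value B computed over the received message."""
    cert = proof["cert"]
    if ENROLLED.get(cert["subject"]) != key_fingerprint(cert["n"], cert["e"]):
        return False  # certificate is not bound to an enrolled acquirer
    if not 0 <= proof["encrypted_hash"] < cert["n"]:
        return False
    recovered = pow(proof["encrypted_hash"], cert["e"], cert["n"])
    if recovered >> 256:
        return False  # does not fit a SHA-256 digest
    hash_a = recovered.to_bytes(32, "big")
    hash_b = hashlib.sha256(proof["message"]).digest()
    return hmac.compare_digest(hash_a, hash_b)


def platform_issue_session_key(cert):
    """Before S3: random session key, encrypted with the certificate's key."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), cert["e"], cert["n"])
    return session_key, wrapped


def acquirer_unwrap_session_key(wrapped, private_d, n):
    """The data acquirer recovers the session key with its private key."""
    return pow(wrapped, private_d, n).to_bytes(16, "big")


def run_handshake(sym_offered, asym_offered, tamper_message=False):
    """Steps a-d plus session-key delivery. tamper_message flips one bit of
    the message in transit to show that verification then fails."""
    sym, asym = select_algorithms(sym_offered, asym_offered)   # steps a, b
    if asym != "RSA":
        raise NotImplementedError("only RSA is sketched here")
    proof = acquirer_build_proof(D, CERT)                      # step c
    if tamper_message:
        m = proof["message"]
        proof["message"] = m[:-1] + bytes([m[-1] ^ 1])
    if not platform_verify(proof):                             # step d
        return {"authenticated": False, "symmetric": sym,
                "platform_key": None, "acquirer_key": None}
    platform_key, wrapped = platform_issue_session_key(proof["cert"])
    acquirer_key = acquirer_unwrap_session_key(wrapped, D, N)
    return {"authenticated": True, "symmetric": sym,
            "platform_key": platform_key, "acquirer_key": acquirer_key}


if __name__ == "__main__":
    result = run_handshake(["DES", "3DES", "AES"], ["RSA", "DSA"])
    print(result["authenticated"], result["symmetric"])
```
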
The present invention also provides a system for protecting data security in a distributed cluster environment, the device comprising:
Cluster, for providing data retrieval externally;
Firewall, for isolating the communication link from the data acquirer to the cluster, and opening the communication link between the cluster and the routing device;
Central authentication platform, for verifying the legitimacy of the data acquirer's identity and sending the requests of data acquirers that have passed legitimacy verification to the routing and rate-limiting device;
Routing and rate-limiting device, for sending requests that have passed authentication by the central authentication platform to the cluster and, when the number of concurrent requests reaches a threshold, applying rate-limiting measures to the number of concurrent requests sent to the cluster.
Compared with the prior art, the present invention proceeds as follows: S1, a firewall is provided between the cluster and the data acquirer; the firewall isolates the communication link from the data acquirer to the cluster and opens the communication link between the cluster and the routing and rate-limiting device; S2, when the data acquirer requests cluster data, it must first go to the central authentication platform for identity legitimacy verification; S3, a request that has passed the identity legitimacy verification is sent to the cluster through the routing and rate-limiting device; after computing the result, the cluster sends it to the routing and rate-limiting device, which finally delivers it to the data acquirer. The data communication channel between the data acquirer and the cluster data is thereby completely isolated; the identity of the data acquiring party can be verified in a unified manner; data security is reinforced by combining software with a hardware firewall; the central authentication platform can provide unified protection for other clusters or other systems that require identity authentication; the unified identity authentication platform can also ensure the stability of the cluster through measures such as rate limiting; and data leakage is prevented.
Brief description of the drawings
Fig. 1 is a schematic flow chart of the method of the present invention;
Fig. 2 is a schematic diagram of the identity legitimacy verification process carried out by the central authentication platform in the present invention.
The present invention is further described below with reference to the drawings and the detailed description.
Detailed description
To make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention are described clearly below with reference to the drawings in the embodiments of the present invention. Obviously, the described embodiments are some of the embodiments of the present invention, not all of them.
Embodiment 1 of the present invention: as shown in Figs. 1 and 2, a method for protecting data security in a distributed cluster environment, comprising the following steps:
S1, a firewall is provided between the cluster and the data acquirer; the firewall isolates the communication link from the data acquirer to the cluster and opens the communication link between the cluster and the routing and rate-limiting device;
S2, when the data acquirer requests cluster data, it must first go to the central authentication platform for identity legitimacy verification, which specifically comprises:
a, the data acquirer sends the list of symmetric algorithms and the list of asymmetric algorithms that it supports to the central authentication platform; the supported symmetric algorithms include DES, 3DES and AES; the asymmetric algorithms include RSA and DSA;
b, the central authentication platform selects one symmetric algorithm and one asymmetric algorithm and returns them to the data acquirer, to determine the encryption and decryption algorithms used between the two;
c, after obtaining the symmetric and asymmetric algorithms, the data acquirer randomly generates an original message and calculates hash value A of the original message, then encrypts that hash value with its own private key using the asymmetric algorithm; finally it sends the original message, the encrypted hash value of the original message, and the digital certificate identifying the data acquirer to the central authentication platform;
d, the central authentication platform uses the asymmetric algorithm of step c and the public key extracted from the digital certificate to decrypt the encrypted hash value and obtain the decrypted hash value, then calculates hash value B of the original message with the hash algorithm, and determines the identity of the data acquirer by comparing hash value A of the original message with hash value B of the original message for consistency;
S3, if the identity of the data acquirer is determined to be legitimate, the central authentication platform randomly generates a random number as the session key, encrypts it with the public key extracted from the digital certificate, and sends it to the data acquirer; if the identity of the data acquirer is determined to be illegitimate, the identity legitimacy verification fails and an authentication failure is reported; a request that has passed the identity legitimacy verification is sent to the cluster through the routing and rate-limiting device; after computing the result, the cluster sends it to the routing and rate-limiting device, which finally delivers it to the data acquirer; when the identity legitimacy verification fails, an authentication failure is reported.
The present invention also provides a system for protecting data security in a distributed cluster environment, the system comprising:
Cluster, for providing data retrieval externally;
Firewall, for isolating the communication link from the data acquirer to the cluster, and opening the communication link between the cluster and the routing device;
Central authentication platform, for verifying the legitimacy of the data acquirer's identity and sending the requests of data acquirers that have passed legitimacy verification to the routing and rate-limiting device;
Routing and rate-limiting device, for sending requests that have passed authentication by the central authentication platform to the cluster and, when the number of concurrent requests reaches a threshold, applying rate-limiting measures to the number of concurrent requests sent to the cluster.
Embodiment 2 of the present invention: as shown in Figs. 1 and 2, a method for protecting data security in a distributed cluster environment, comprising the following steps:
S1, a firewall is provided between the cluster and the data acquirer; the firewall isolates the communication link from the data acquirer to the cluster and opens the communication link between the cluster and the routing and rate-limiting device;
S2, when the data acquirer requests cluster data, it must first go to the central authentication platform for identity legitimacy verification, which specifically comprises:
a, the data acquirer sends the list of symmetric algorithms and the list of asymmetric algorithms that it supports to the central authentication platform;
b, the central authentication platform selects one symmetric algorithm and one asymmetric algorithm and returns them to the data acquirer, to determine the encryption and decryption algorithms used between the two;
c, after obtaining the symmetric and asymmetric algorithms, the data acquirer randomly generates an original message and calculates hash value A of the original message, then encrypts that hash value with its own private key using the asymmetric algorithm; finally it sends the original message, the encrypted hash value of the original message, and the digital certificate identifying the data acquirer to the central authentication platform;
d, the central authentication platform decrypts the encrypted hash value to obtain the decrypted hash value, then calculates hash value B of the original message with the hash algorithm, and determines the identity of the data acquirer by comparing hash value A of the original message with hash value B of the original message for consistency;
S3, if the identity of the data acquirer is determined to be legitimate, the central authentication platform randomly generates a random number as the session key, encrypts it with the public key extracted from the digital certificate, and sends it to the data acquirer; if the identity of the data acquirer is determined to be illegitimate, the identity legitimacy verification fails and an authentication failure is reported; a request that has passed the identity legitimacy verification is sent to the cluster through the routing and rate-limiting device; after computing the result, the cluster sends it to the routing and rate-limiting device, which finally delivers it to the data acquirer.
The present invention also provides a system for protecting data security in a distributed cluster environment, the system comprising:
Cluster, for providing data retrieval externally;
Firewall, for isolating the communication link from the data acquirer to the cluster, and opening the communication link between the cluster and the routing device;
Central authentication platform, for verifying the legitimacy of the data acquirer's identity and sending the requests of data acquirers that have passed legitimacy verification to the routing and rate-limiting device;
Routing and rate-limiting device, for sending requests that have passed authentication by the central authentication platform to the cluster and, when the number of concurrent requests reaches a threshold, applying rate-limiting measures to the number of concurrent requests sent to the cluster.
Embodiment 3 of the present invention: as shown in Figs. 1 and 2, a method for protecting data security in a distributed cluster environment, comprising the following steps:
S1, a firewall is provided between the cluster and the data acquirer; the firewall isolates the communication link from the data acquirer to the cluster and opens the communication link between the cluster and the routing and rate-limiting device;
S2, when the data acquirer requests cluster data, it must first go to the central authentication platform for identity legitimacy verification, which specifically comprises:
a, the data acquirer sends the list of symmetric algorithms and the list of asymmetric algorithms that it supports to the central authentication platform;
b, the central authentication platform selects one symmetric algorithm and one asymmetric algorithm and returns them to the data acquirer, to determine the encryption and decryption algorithms used between the two;
c, after obtaining the symmetric and asymmetric algorithms, the data acquirer randomly generates an original message and calculates hash value A of the original message, then encrypts that hash value with its own private key using the asymmetric algorithm; finally it sends the original message, the encrypted hash value of the original message, and the digital certificate identifying the data acquirer to the central authentication platform;
d, the central authentication platform uses the asymmetric algorithm of step c and the public key extracted from the digital certificate to decrypt the encrypted hash value and obtain the decrypted hash value, then calculates hash value B of the original message with the hash algorithm, and determines the identity of the data acquirer by comparing hash value A of the original message with hash value B of the original message for consistency;
S3, a request that has passed the identity legitimacy verification is sent to the cluster through the routing and rate-limiting device; after computing the result, the cluster sends it to the routing and rate-limiting device, which finally delivers it to the data acquirer.
The present invention also provides a system for protecting data security in a distributed cluster environment, the system comprising:
Cluster, for providing data retrieval externally;
Firewall, for isolating the communication link from the data acquirer to the cluster, and opening the communication link between the cluster and the routing device;
Central authentication platform, for verifying the legitimacy of the data acquirer's identity and sending the requests of data acquirers that have passed legitimacy verification to the routing and rate-limiting device;
Routing and rate-limiting device, for sending requests that have passed authentication by the central authentication platform to the cluster and, when the number of concurrent requests reaches a threshold, applying rate-limiting measures to the number of concurrent requests sent to the cluster.
Embodiment 4 of the present invention: as shown in Figs. 1 and 2, a method for protecting data security in a distributed cluster environment, comprising the following steps:
S1, a firewall is provided between the cluster and the data acquirer; the firewall isolates the communication link from the data acquirer to the cluster and opens the communication link between the cluster and the routing and rate-limiting device;
S2, when the data acquirer requests cluster data, it must first go to the central authentication platform for identity legitimacy verification, which specifically comprises:
a, the data acquirer sends the list of symmetric algorithms and the list of asymmetric algorithms that it supports to the central authentication platform;
b, the central authentication platform selects one symmetric algorithm and one asymmetric algorithm and returns them to the data acquirer, to determine the encryption and decryption algorithms used between the two;
c, after obtaining the symmetric and asymmetric algorithms, the data acquirer randomly generates an original message and calculates hash value A of the original message, then encrypts that hash value with its own private key using the asymmetric algorithm; finally it sends the original message, the encrypted hash value of the original message, and the digital certificate identifying the data acquirer to the central authentication platform;
d, the central authentication platform decrypts the encrypted hash value to obtain the decrypted hash value, then calculates hash value B of the original message with the hash algorithm, and determines the identity of the data acquirer by comparing hash value A of the original message with hash value B of the original message for consistency;
S3, if the identity of the data acquirer is determined to be legitimate, the central authentication platform randomly generates a random number as the session key, encrypts it with the public key extracted from the digital certificate, and sends it to the data acquirer; if the identity of the data acquirer is determined to be illegitimate, the identity legitimacy verification fails and an authentication failure is reported; a request that has passed the identity legitimacy verification is sent to the cluster through the routing and rate-limiting device; after computing the result, the cluster sends it to the routing and rate-limiting device, which finally delivers it to the data acquirer.
The present invention also provides a system for protecting data security in a distributed cluster environment, the device comprising:
Cluster, for providing data retrieval externally;
Firewall, for isolating the communication link from the data acquirer to the cluster, and opening the communication link between the cluster and the routing device;
Central authentication platform, for verifying the legitimacy of the data acquirer's identity and sending the requests of data acquirers that have passed legitimacy verification to the routing and rate-limiting device;
Routing and rate-limiting device, for sending requests that have passed authentication by the central authentication platform to the cluster and, when the number of concurrent requests reaches a threshold, applying rate-limiting measures to the number of concurrent requests sent to the cluster.
Embodiment 5 of the present invention: as shown in Figs. 1 and 2, a method for protecting data security in a distributed cluster environment, comprising the following steps:
S1, a firewall is provided between the cluster and the data acquirer; the firewall isolates the communication link from the data acquirer to the cluster and opens the communication link between the cluster and the routing and rate-limiting device;
S2, when the data acquirer requests cluster data, it must first go to the central authentication platform for identity legitimacy verification;
S3, a request that has passed the identity legitimacy verification is sent to the cluster through the routing and rate-limiting device; after computing the result, the cluster sends it to the routing and rate-limiting device, which finally delivers it to the data acquirer.
The present invention also provides a system for protecting data security in a distributed cluster environment, the system comprising:
Cluster, for providing data retrieval externally;
Firewall, for isolating the communication link from the data acquirer to the cluster, and opening the communication link between the cluster and the routing device;
Central authentication platform, for verifying the legitimacy of the data acquirer's identity and sending the requests of data acquirers that have passed legitimacy verification to the routing and rate-limiting device;
Routing and rate-limiting device, for sending requests that have passed authentication by the central authentication platform to the cluster and, when the number of concurrent requests reaches a threshold, applying rate-limiting measures to the number of concurrent requests sent to the cluster.
The foregoing is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall fall within the scope of protection of the present invention. Therefore, the scope of protection of the present invention shall be determined by the scope of the claims.

Claims (7)

1. the method for data safety is protected under a kind of environment based on distributed type assemblies, it is characterised in that specifically comprise the following steps:
S1, fire wall is provided between cluster and data acquisition person, the fire wall obtains taker to cluster for isolated data Communication link, and the communication link between the open cluster and route and current-limiting apparatus;
When S2, the data acquisition person ask company-data, need to go to central authentication platform to carry out identity legitimacy verification first;
S3, cluster is sent to current-limiting apparatus by the route by the request that the identity legitimacy verifies, cluster statistics As a result result is sent to route and current-limiting apparatus afterwards, finally by route and the current-limiting apparatus person that issues data acquisition.
2. The method for protecting data security in a distributed cluster environment as claimed in claim 1, characterized in that, in step S2, going to the central authentication platform for identity legitimacy verification specifically comprises:
a, the data acquirer sends the list of symmetric algorithms and the list of asymmetric algorithms that it supports to the central authentication platform;
b, the central authentication platform selects one symmetric algorithm and one asymmetric algorithm and returns them to the data acquirer, thereby determining the encryption and decryption algorithms used between the two;
c, after obtaining the symmetric algorithm and the asymmetric algorithm, the data acquirer randomly generates an original message and computes hash value A of the original message, then encrypts the hash value with its own private key using the asymmetric algorithm; finally, it sends the original message, the encrypted hash value of the original message, and the digital certificate identifying the data acquirer's own identity to the central authentication platform;
d, the central authentication platform decrypts the encrypted hash value to obtain the decrypted hash value, then computes hash value B of the original message using the hash algorithm, and determines the identity of the data acquirer by checking whether hash value A of the original message and hash value B of the original message are consistent.
3. The method for protecting data security in a distributed cluster environment as claimed in claim 2, characterized in that the supported symmetric algorithms include DES, 3DES and AES, and the asymmetric algorithms include RSA and DSA.
4. The method for protecting data security in a distributed cluster environment as claimed in claim 2, characterized in that the specific method by which the central authentication platform decrypts the encrypted hash value is: decrypting the encrypted hash using the asymmetric algorithm of step c and the public key extracted from the digital certificate.
5. The method for protecting data security in a distributed cluster environment as claimed in claim 1, characterized in that, before step S3, the method comprises: if the identity of the data acquirer is determined to be legitimate, the central authentication platform randomly generates a random number as a session key, encrypts it with the public key extracted from the digital certificate, and sends it to the data acquirer.
6. The method for protecting data security in a distributed cluster environment as claimed in claim 5, characterized in that, before step S3, the method further comprises: if the identity of the data acquirer is determined to be illegitimate, the identity legitimacy verification fails and an authentication failure prompt is given.
7. A system for protecting data security in a distributed cluster environment, characterized in that it comprises:
a cluster, for providing data retrieval externally;
a firewall, for isolating the communication link from the data acquirer to the cluster, and opening the communication link between the cluster and the routing device;
a central authentication platform, for verifying the legitimacy of the data acquirer's identity, and sending the requests of data acquirers that pass the legitimacy verification to the routing and rate-limiting device;
a routing and rate-limiting device, for sending requests authenticated by the central authentication platform to the cluster, and, when the number of concurrent requests reaches a threshold, controlling through rate-limiting measures the number of concurrent requests sent to the cluster nodes.
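
The exchange in claims 2, 5 and 6, with both the data acquirer's and the central authentication platform's sides written out, as an added example that is not code from the patent or its applicant. SHA-256, the constructed toy RSA key, the platform's preference order, the certificate dictionary and all function names are assumptions; the claims specify none of them.

```python
import hashlib
import secrets

# Constructed toy RSA key from two Mersenne primes: textbook RSA, demonstration only.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
CERT = {"subject": "acquirer-01", "n": N, "e": E}  # stands in for the digital certificate

# Assumed platform preference order; claim 3 only lists the supported algorithms.
SYM_PREFERENCE = ["AES", "3DES", "DES"]
ASYM_PREFERENCE = ["RSA", "DSA"]


def select_algorithms(sym_offered, asym_offered):
    """Steps a/b: the platform picks one algorithm of each kind from the acquirer's lists."""
    sym = next(a for a in SYM_PREFERENCE if a in sym_offered)
    asym = next(a for a in ASYM_PREFERENCE if a in asym_offered)
    return sym, asym


def hash_int(message):
    """Hash of the original message as an integer (SHA-256 is an assumption)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def acquirer_prove(private_exponent, cert):
    """Step c: random message, hash value A encrypted with the acquirer's private key."""
    message = secrets.token_bytes(32)
    encrypted_hash = pow(hash_int(message), private_exponent, cert["n"])
    return {"message": message, "encrypted_hash": encrypted_hash, "cert": cert}


def platform_verify(proof):
    """Step d and claims 5/6: compare A with B, then wrap a random session key."""
    cert = proof["cert"]  # validation of the certificate itself is not modelled here
    hash_a = pow(proof["encrypted_hash"], cert["e"], cert["n"])  # decrypt with public key
    hash_b = hash_int(proof["message"])                          # recompute on the platform
    if hash_a != hash_b:
        return None                                              # claim 6: verification fails
    session_key = secrets.randbits(128)
    return session_key, pow(session_key, cert["e"], cert["n"])   # claim 5: wrapped key


def acquirer_unwrap(wrapped_key, private_exponent, cert):
    """The acquirer recovers the session key with its private key."""
    return pow(wrapped_key, private_exponent, cert["n"])
```
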
CN201610867347.5A 2016-09-30 2016-09-30 Based on the method and system that company-data safety is protected under distributed type assemblies environment Pending CN107888543A (en)

Publications (1)

Publication Number Publication Date
CN107888543A (en) 2018-04-06

Family

ID=61769896

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180406