CN107911339A - Information maintenance method and device - Google Patents
Information maintenance method and device Download PDFInfo
- Publication number
- CN107911339A CN107911339A CN201710984944.0A CN201710984944A CN107911339A CN 107911339 A CN107911339 A CN 107911339A CN 201710984944 A CN201710984944 A CN 201710984944A CN 107911339 A CN107911339 A CN 107911339A
- Authority
- CN
- China
- Prior art keywords
- roa
- information
- bgp equipment
- rpki
- maintenances
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
This disclosure relates to a kind of information maintenance method and device.This method includes:ROA maintenances of information request is sent to RPKI servers, the ROA maintenances of information request includes the corresponding authentication information of the BGP equipment;In the case where receiving the authorization message that the RPKI servers are returned according to the corresponding authentication information of the BGP equipment, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA informational functions and/or agency's issue ROA informational functions;According to ROA maintenances of information function carry out ROA maintenances of information.The information maintenance method and device of the disclosure, can enrich the production method and maintaining method of ROA information, ensure the effective operation of source AS verification systems.
Description
Technical field
This disclosure relates to field of communication technology, more particularly to a kind of information maintenance method and device.
Background technology
In correlation technique, in RPKI BGP networkings, BGP (Border Gateway Protocol, Border Gateway Protocol)
Equipment as RPKI (Resource Public Key Infrastructure, resource public key infrastructure) clients to
RPKI server acquisition requests ROA (Route Origination Attestation, the route source visa) information specified.ROA
Information includes network prefix (Network-Prefix), mask scope (Mask-Range) and route source No. AS (Origh-AS)
Deng the AS (Autonomous System, autonomous system) belonging to some network prefix can be described.BGP equipment is obtaining ROA
After information, route source AS verifications can be carried out to the local network prefix learnt.
Fig. 1 shows the schematic diagram of the RPKI BGP networkings in correlation technique.As shown in Figure 1, R1 is asked to RPKI servers
ROA information is obtained, for verifying the reliability of network prefix that R1 locally learns to prevent route to be held as a hostage.Wherein, RPKI
ROA information in server needs manually to import and safeguard, when there is substantial amounts of network prefix to need to do safety check in network
Maintenance cost is higher.Require to upgrade and safeguard ROA information in time in network change, manually import with Maintenance Difficulty to meet to want
Ask.In addition, in RPKI BGP networkings in the related art, if there is the situation of BGP equipment and RPKI server disconnectings,
Then ROA information can be removed, RPKI mechanism failures so that be not distributed to originally by the network prefix of verification in network
And cause serious consequence.
The content of the invention
In view of this, the present disclosure proposes a kind of information maintenance method and device, to solve manually to import in correlation technique
With maintenance cost caused by the ROA information safeguarded in RPKI servers it is higher the problem of.
According to the one side of the disclosure, there is provided a kind of information maintenance method, for RPKI servers, including:
The ROA maintenances of information request for coming from BGP equipment is received, the ROA maintenances of information request includes the BGP equipment
Corresponding authentication information;
According to the corresponding authentication information of the BGP equipment, judge whether to authorize the BGP equipment that there is ROA information
Maintenance function, the ROA maintenances of information function include generation ROA informational functions and/or agency's issue ROA informational functions;
In the case where determining to authorize the BGP equipment that there is ROA maintenances of information, send and use to the BGP equipment
There is the authorization message of ROA maintenances of information in the permission BGP equipment.
According to another aspect of the present disclosure, there is provided a kind of information maintenance method, for BGP equipment, including:
ROA maintenances of information request is sent to RPKI servers, the ROA maintenances of information request includes the BGP equipment pair
The authentication information answered;
Receiving authorization message of the RPKI servers according to the corresponding authentication information return of the BGP equipment
In the case of, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA informational functions and/or agency
Issue ROA informational functions;
According to ROA maintenances of information function carry out ROA maintenances of information.
According to another aspect of the present disclosure, there is provided a kind of maintenance of information device, for RPKI servers, including:
Request receiving module, the ROA maintenances of information request of BGP equipment is come from for receiving, the ROA maintenances of information please
Ask including the corresponding authentication information of the BGP equipment;
Judgment module is authorized, for according to the corresponding authentication information of the BGP equipment, judging whether described in mandate
BGP equipment has the function of ROA maintenances of information, and the ROA maintenances of information function includes generation ROA informational functions and/or agency's hair
Cloth ROA informational functions;
Authorization message sending module, for determining to authorize the BGP equipment that there is ROA maintenances of information
Under, sent to the BGP equipment and be used to allow the BGP equipment that there is the authorization message of ROA maintenances of information.
According to another aspect of the present disclosure, there is provided a kind of maintenance of information device, for BGP equipment, including:
Request sending module, for sending ROA maintenances of information request, the ROA maintenances of information request to RPKI servers
Including the corresponding authentication information of the BGP equipment;
Function setting module, for receiving the RPKI servers according to the corresponding authentication of the BGP equipment
In the case of the authorization message that information returns, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA
Informational function and/or agency's issue ROA informational functions;
Maintenance of information module, for carrying out ROA maintenances of information according to the ROA maintenances of information function having.
According to another aspect of the present disclosure, there is provided a kind of maintenance of information device, including:Processor;Handled for storage
The memory of device executable instruction;Wherein, the processor is configured as performing the above method.
According to another aspect of the present disclosure, there is provided a kind of non-volatile computer readable storage medium storing program for executing, is stored thereon with
Computer program instructions, wherein, the computer program instructions realize the above method when being executed by processor.
The information maintenance method and device of the disclosure, can enrich the production method and maintaining method of ROA information, ensure source
AS verifies the effective operation of system.ROA information on RPKI servers not only can be by manually importing, but also can be by BGP equipment roots
According to home network prefix and the generation of local AS information, the complexity thus, it is possible to reduce ROA maintenances of information in RPKI servers, drop
Low cost.In addition, the ROA information in RPKI servers can rapider more refresh in time, and it is corresponding each to RPKI servers
A BGP equipment is synchronous, improves efficiency.RPKI servers and all ROA agent equipments registered through can carry out ROA information
Issue, thus in the case of other BGP equipment and RPKI server disconnectings, other BGP equipment can be acted on behalf of to ROA and set
Preparation, which rises, inquires about and synchronously, ensures that RPKI servers off-line opisthogenesis AS verifications system is still operating.
According to below with reference to the accompanying drawings becoming to detailed description of illustrative embodiments, the further feature and aspect of the disclosure
It is clear.
Brief description of the drawings
Comprising in the description and the attached drawing of a part for constitution instruction and specification together illustrate the disclosure
Exemplary embodiment, feature and aspect, and for explaining the principle of the disclosure.
Fig. 1 shows the schematic diagram of the RPKI BGP networkings in correlation technique.
Fig. 2 shows the flow chart of the information maintenance method according to one embodiment of the disclosure.
Fig. 3 shows the flow chart of the information maintenance method according to one embodiment of the disclosure.
Fig. 4 shows the schematic diagram of the RPKI BGP networkings according to one embodiment of the disclosure.
Fig. 5 shows the block diagram of the maintenance of information device according to one embodiment of the disclosure.
Fig. 6 shows the block diagram of the maintenance of information device according to one embodiment of the disclosure.
Fig. 7 is a kind of block diagram for maintenance of information device 900 according to an exemplary embodiment.
Embodiment
Describe various exemplary embodiments, feature and the aspect of the disclosure in detail below with reference to attached drawing.It is identical in attached drawing
Reference numeral represent functionally the same or similar element.Although the various aspects of embodiment are shown in the drawings, remove
Non-specifically point out, it is not necessary to attached drawing drawn to scale.
Dedicated word " exemplary " means " being used as example, embodiment or illustrative " herein.Here as " exemplary "
Illustrated any embodiment should not necessarily be construed as preferred or advantageous over other embodiments.
In addition, in order to better illustrate the disclosure, numerous details is given in embodiment below.
It will be appreciated by those skilled in the art that without some details, the disclosure can equally be implemented.In some instances, for
Method, means, element and circuit well known to those skilled in the art are not described in detail, in order to highlight the purport of the disclosure.
In correlation technique, the address of RPKI servers is configured in BGP equipment and the end of connection is established with RPKI servers
After slogan, BGP equipment automatic can establish RPKI with RPKI servers and connect, for interacting ROA information.BGP device configurations RPKI
, can be to No. AS progress RPKI verification of IP address (network segment) and route source when BGP equipment receives BGP routes after function.Verification knot
Fruit has following three kinds:Not-found, represents that there is no the list item for including the IP address (network segment) in ROA databases.Valid, table
Show in ROA databases at least there are the list item that one includes the IP address (network segment), and No. AS in list item and received route
Source AS is identical.Invalid, represents at least there are the list item that one includes the IP address (network segment) in ROA databases, but list item
In No. AS and received route source AS it is different.It is preferred that RPKI verification results will participate in route.During BGP selection routes first
The inaccessible route of next-hop is abandoned, secondly according to RPKI verification results route preferably, i.e., for going to same IP
The a plurality of BGP routes of location (network segment), according to RPKI verification results priority Valid, Not found to Invalid from high to low
Order, the route of highest priority is optimal route.The route of no RPKI verification results is total in the route with there is verification result
During with participating in routeing preferred, handled by Not-found verification results.
Fig. 2 shows the flow chart of the information maintenance method according to one embodiment of the disclosure.This method can be used for RPKI clothes
It is engaged in device.As shown in Fig. 2, the method comprising the steps of S21 to step S23.
In the step s 21, the ROA maintenances of information request for coming from BGP equipment is received, ROA maintenances of information request includes
The corresponding authentication information of BGP equipment.
In step S22, according to the corresponding authentication information of BGP equipment, judge whether to authorize the BGP equipment to have
ROA maintenance of information functions, ROA maintenances of information function include generation ROA informational functions and/or agency's issue ROA informational functions.
In step S23, in the case where determining to authorize the BGP equipment that there is ROA maintenances of information, set to the BGP
Preparation is sent for allowing the BGP equipment to have the function of the authorization message of ROA maintenances of information.
In one implementation, ROA maintenances of information request can be provided with flag bit, and RPKI servers are according to flag bit
Determine the request content of BGP equipment.For example, in the case that the flag bit in ROA maintenances of information request is 1, RPKI servers
Determine that the BGP device requests have generation ROA informational functions;In the case that flag bit in ROA maintenances of information request is 2,
RPKI servers determine that the BGP device requests have agency's issue ROA informational functions.
In another implementation, ROA maintenances of information request can include the request of generation ROA authorizing informations and agency's hair
Cloth ROA authorizing informations ask two classes.RPKI servers determine the request content of BGP equipment according to request type.For example, receiving
In the case of generating the request of ROA authorizing informations, RPKI servers determine that the BGP device requests have generation ROA informational functions;
In the case of receiving agency's issue ROA authorizing information requests, RPKI servers determine that there is the BGP device requests agency to issue
ROA informational functions.
As an example, RPKI servers receive the generation ROA authorizing informations request for coming from the first BGP equipment, should
Generation ROA authorizing information requests include the corresponding authentication information of the first BGP equipment.RPKI servers are set according to the first BGP
Standby corresponding authentication information, judges whether to authorize the first BGP equipment to have generation ROA informational functions.RPKI servers exist
In the case of determining to authorize the first BGP equipment with generation ROA informational functions, sent to the first BGP equipment and be used to allow first
BGP equipment has the authorization message of generation ROA informational functions.
For example, it can newly define the generation request message of PDU (Protocol Data Unit, protocol Data Unit) type
With the first back message.Wherein, generate request message to be used to represent generation ROA authorizing information requests, the first back message is used for
Response generation ROA authorizing information requests.Identification information and the authentication of the first BGP equipment can be included by generating in request message
Information.For example, the first BGP equipment is router, Router Distinguisher (Router ID) sum number can be included by generating in request message
Word certificate (Authentication).The first BGP equipment after mandate can use the digital certificate of RPKI servers to carry out body
Part certification.
Wherein, the first BGP equipment is the self-produced generating apparatus of ROA, i.e. the first BGP equipment after by RPKI server mandates,
Can be according to home network prefix and local AS information generation ROA information.BGP equipment can be the equipment of operation bgp protocol, example
Such as bgp router.In RPKI BGP networkings, BGP equipment is believed as RPKI clients to RPKI server acquisition requests ROA
Breath.Home network prefix can refer to the local network prefix originated in route, such as 128.14.35.7/20 etc., local AS information
Local No. AS can be referred to, such as AS100 etc., the disclosure is without limitation.
Wherein, authentication information can be the digital certificate that BGP equipment obtains after CA/RA agency qualifications.For example,
BGP equipment can obtain RPKI after applying successfully by information such as local public keys to CA mechanisms application digital certificate in RA mechanisms
CRL (the Certificate Revocation of the relevant information of server, the digital certificate of other BGP equipment and CA/RA mechanisms
List, certificate revocation list) etc..BGP equipment can pass through the information and RPKI servers and other BGP equipment of above-mentioned acquisition
Between carry out authentication, the disclosure is without limitation.
It should be noted that although body is described as example using the digital certificate obtained after CA/RA agency qualifications
Part authentication information as above, it is understood by one of ordinary skill in the art that the disclosure answers not limited to this.Those skilled in the art can root
Authentication information is flexibly set according to practical application scene.
In one implementation, if RPKI servers determine that the first BGP device requests have generation according to maintenance request
ROA informational functions, then sending the mandate for allowing the first BGP equipment to have generation ROA informational functions to the first BGP equipment
After information, this method further includes:RPKI servers receive and store the ROA information for coming from the first BGP equipment, ROA letters
Breath is by the first BGP equipment according to home network prefix and the generation of local AS information.
In one implementation, RPKI servers receive and store the ROA information for coming from the first BGP equipment, can be with
Including:Receive and store the source-information and sequence number of the ROA information and the ROA information that come from the first BGP equipment.Its
In, the source-information of ROA information can be the manufacturer information of ROA information, such as the identification information of the first BGP equipment, sequence
Number can be ROA information sequencing numbers.RPKI servers or ROA agent equipments can according to the source-information of ROA information and
Sequence number carries out follow-up maintenance to ROA information.
In one implementation, the ROA infomational messages of PDU types can newly be defined.Wherein, ROA infomational messages are used for
Represent the message for including ROA information that the first BGP equipment is sent to RPKI servers or ROA agent equipments.In ROA infomational messages
It can include the ROA information of the first BGP equipment generation and the source-information and sequence number of the ROA information.For example, the first BGP
Equipment is router, can include in ROA infomational messages network prefix (IPv4/IPv6Prefix), No. AS (AS Number),
Router Distinguisher (Router ID) and sequence number (Serial Number).
In one implementation, the ROA information manually imported can be stored in static ROA databases by RPKI servers
In, the ROA information of the self-produced generating apparatus generations of all ROA is stored in dynamic ROA databases.Static ROA databases and dynamic
ROA databases collectively form ROA databases.RPKI servers carry out ROA information issues according to ROA databases.In addition, RPKI takes
Be engaged in device can timing in dynamic ROA databases ROA information carry out aging deletion, with ensure dynamic ROA databases take compared with
Small memory.
As an example, the first BGP equipment is after the digital certificate that CA/RA mechanisms issue is obtained, to RPKI servers
Application generation ROA authorizing informations.RPKI servers receive the generation ROA authorizing informations request for coming from the first BGP equipment, the life
Include the digital certificate of the first BGP equipment into the request of ROA authorizing informations.RPKI servers are demonstrate,proved according to the numeral of the first BGP equipment
Whether book, the CRL obtained from CA/RA mechanisms simultaneously authorize the first BGP equipment to have generation ROA information work(with reference to itself strategy decision
Energy.In the case where determining to authorize the first BGP equipment to have generation ROA informational functions, RPKI servers are sent out to the first BGP equipment
Send the authorization message for allowing the first BGP equipment that there is generation ROA informational functions.Thus the first BGP equipment can be according to this
Ground network prefix and local AS information generation ROA information.
The information maintenance method of the disclosure, ROA information on RPKI servers not only can be by manually importing, but also can be by
BGP equipment is according to home network prefix and the generation of local AS information, thus, it is possible to reduce ROA maintenances of information in RPKI servers
Complexity, reduces cost.In addition, ROA information in RPKI servers can rapider more refresh in time, and to RPKI servers
Corresponding each BGP equipment is synchronous, improves efficiency.
As an example, agency's issue ROA authorizing informations that the reception of RPKI servers comes from the 2nd BGP equipment please
Ask, which, which issues the request of ROA authorizing informations, includes the corresponding authentication information of the 2nd BGP equipment.RPKI servers according to
The corresponding authentication information of 2nd BGP equipment, judges whether to authorize the 2nd BGP equipment to have agency's issue ROA informational functions.
RPKI servers are in the case where determining to authorize the 2nd BGP equipment to have agency's issue ROA informational functions, to the 2nd BGP equipment
ROA information is sent, so that the 2nd BGP equipment carries out ROA information issues according to the ROA information received.
For example, it can newly define the proxy requests message and the second back message of PDU types.Wherein, proxy requests message
For representing to act on behalf of issue ROA authorizing information requests, the second back message is used for response agent issue ROA authorizing information requests.
It can include the identification information and authentication information of the 2nd BGP equipment in proxy requests message.For example, the 2nd BGP equipment is
Router, can include Router Distinguisher (Router ID) and digital certificate (Authentication) in proxy requests message.
The 2nd BGP equipment after mandate can use the digital certificate of RPKI servers to carry out authentication.
Wherein, the 2nd BGP equipment is ROA agent equipments, i.e., the 2nd BGP equipment is after by RPKI server mandates, energy
It is enough that ROA information issues are carried out according to the ROA information stored.If the first BGP equipment is not present in RPKI BGP networkings, second
The ROA databases that what BGP equipment received come from RPKI servers are static state ROA databases.If deposited in RPKI BGP networkings
In the first BGP equipment, then the ROA databases for coming from RPKI servers that the 2nd BGP equipment receives are static state ROA databases
With dynamic ROA databases.
In one implementation, if RPKI servers determine that the 2nd BGP device requests have agency according to maintenance request
ROA informational functions are issued, then after determining to authorize the 2nd BGP equipment to have agency's issue ROA informational functions, this method is also wrapped
Include:RPKI servers send agent equipment information to corresponding each BGP equipment respectively, and agent equipment information includes the 2nd BGP
The relevant information of equipment.
In one implementation, RPKI servers send agent equipment information to corresponding each BGP equipment respectively, can
With including:All ROA agent equipments registered through are sent to the corresponding each BGP equipment of RPKI servers respectively to correspond to
Agent equipment information.Wherein, agent equipment information can include address information (Address) and the port of ROA agent equipments
Number information (Port).
As an example, the 2nd BGP equipment is after the digital certificate that CA/RA mechanisms issue is obtained, to RPKI servers
Application agency's issue ROA authorizing informations.RPKI servers receive the agency's issue ROA authorizing informations for coming from the 2nd BGP equipment
Request, which, which issues the request of ROA authorizing informations, includes the digital certificate of the 2nd BGP equipment.RPKI servers are according to the 2nd BGP
Whether the digital certificate of equipment, the CRL obtained from CA/RA mechanisms simultaneously authorize the 2nd BGP equipment to have with reference to itself strategy decision
Agency's issue ROA informational functions.In the case where determining to authorize the 2nd BGP equipment that there is agency's issue ROA informational functions, RPKI
Server sends ROA information to the 2nd BGP equipment.RPKI servers record the address information and port numbers letter of the 2nd BGP equipment
Breath, the corresponding agent equipment information of the 2nd BGP equipment of generation, and sent respectively to the corresponding each BGP equipment of RPKI servers
Agent equipment information.Thus the 2nd BGP equipment can carry out ROA information issues according to the ROA information stored, respond other
The ROA information inquiries and synchronization of BGP equipment.
The information maintenance method of the disclosure, RPKI servers and all ROA agent equipments registered through can carry out
ROA information is issued, and thus in the case of other BGP equipment and RPKI server disconnectings, other BGP equipment can be to
ROA agent equipments initiate to inquire about and synchronously, ensure that RPKI servers off-line opisthogenesis AS verifications system is still operating.
Fig. 3 shows the flow chart of the information maintenance method according to one embodiment of the disclosure.This method can be used for BGP equipment
In.As shown in figure 3, the method comprising the steps of S31 to step S33.
In step S31, ROA maintenances of information request is sent to RPKI servers, ROA maintenances of information request includes should
The corresponding authentication information of BGP equipment.
In step s 32, RPKI servers awarding according to the corresponding authentication information return of the BGP equipment is being received
In the case of weighing information, there is ROA maintenances of information, ROA maintenances of information function includes generation ROA informational functions and/or generation
Haircut cloth ROA informational functions.
In step S33, according to ROA maintenances of information function carry out ROA maintenances of information.
In one implementation, the first BGP equipment sends generation ROA authorizing information requests, the life to RPKI servers
Include the corresponding authentication information of the first BGP equipment into the request of ROA authorizing informations.First BGP equipment is receiving RPKI clothes
In the case of authorization message of the device according to the corresponding authentication information return of the first BGP equipment of being engaged in, according to the first BGP equipment
Home network prefix and local AS information generation ROA information.First BGP equipment sends generated ROA to RPKI servers and believes
Breath.
In one implementation, the first BGP equipment receives the agent equipment information for coming from RPKI servers, the agency
Facility information includes the relevant information of the 2nd BGP equipment.First BGP equipment is according to home network prefix and the generation of local AS information
ROA information, generated ROA information is sent to the 2nd BGP equipment.
In one implementation, the first BGP equipment is deleted in the case where detecting with RPKI server disconnectings
What is received comes from the ROA information of RPKI servers.First BGP equipment sends ROA acquisition of information to the 2nd BGP equipment please
Ask.First BGP equipment receives and stores the ROA information for coming from the 2nd BGP equipment.
Wherein, BGP equipment including user after RPKI server disconnectings with (not performing Shutdown order down interfaces
Caused connection disconnects), BGP equipment can attempt to re-establish with RPKI servers and be connected, and will be obtained from RPKI servers
ROA information is set to ageing state, and BGP equipment will perform following operation:If in ageing time, BGP equipment takes with RPKI again
Business device establishes connection, then releases the ageing state of ROA information.If until ageing time time-out, BGP equipment and RPKI server
Still connection can not be re-established, then deletes the ROA information.The corresponding value range of ageing time of ROA information can be 30
~360 seconds.
In one implementation, the 2nd BGP equipment sends agency's issue ROA authorizing information requests to RPKI servers,
The agency, which issues the request of ROA authorizing informations, includes the corresponding authentication information of the 2nd BGP equipment.2nd BGP equipment receives simultaneously
Storage comes from the ROA information of RPKI servers.2nd BGP equipment carries out ROA information issues according to the ROA information stored.
In one implementation, the 2nd BGP equipment receive come from the 3rd BGP equipment ROA acquisition of information please
In the case of asking, stored ROA information is sent to the 3rd BGP equipment;Wherein, the 3rd BGP equipment is connected with RPKI servers
Interrupt.
Wherein, the 3rd BGP equipment can be the BGP equipment with RPKI server disconnectings.In other words, the disclosure only limits
The connection status of the 3rd BGP equipment and RPKI servers is made, the type without limiting the 3rd BGP equipment, the 3rd BGP equipment can be with
For the self-produced generating apparatus of ROA, ROA agent equipments or common BGP equipment.
In one implementation, the 2nd BGP equipment receives and stores the ROA information for coming from the first BGP equipment, should
ROA information is by the first BGP equipment according to home network prefix and the generation of local AS information.2nd BGP equipment detect with
In the case of RPKI server disconnectings, the ROA information for coming from RPKI servers received is deleted, and according to being stored
Come from the first BGP equipment ROA information carry out ROA information issues.
Fig. 4 shows the schematic diagram of the RPKI BGP networkings according to one embodiment of the disclosure.BGP equipment can be drawn in present case
It is divided into 3 kinds:Common BGP equipment, the self-produced generating apparatus of ROA and ROA agent equipments.As shown in figure 4, R1 for the self-produced generating apparatus of ROA and
ROA agent equipments, R4 are the self-produced generating apparatus of ROA, and R2/R3 is common BGP equipment, and following steps describe whole synchronizing process:
1st, R1/R4 as terminal PKI (Public Key Infrastructure, Public Key Infrastructure) entities to CA/RA
Mechanism application digital certificate
R1/R4, to CA mechanisms application digital certificate, is obtained by information such as local public keys after applying successfully in RA mechanisms
The CRL of the relevant information of RPKI servers, the digital certificate of other BGP equipment and CA/RA mechanisms, CRL have recorded CA mechanisms
The sequence number of digital certificate through revoking and its revoke the information such as date.
2nd, R1/R4 also registers ROA information agencies issue at the same time to RPKI server registration ROA information from function, R1 is produced
Function
To RPKI server application ROA information from producing function, when application, needs to hold what CA/RA mechanisms issued R1/R4
Whether digital certificate, RPKI servers are verified the digital certificate of R1/R4 according to CRL and are authorized according to itself strategy decision.In addition,
To RPKI server application ROA information agency issuing functions, when application, is also required to hold the numeral card that CA/RA mechanisms issue R1
Book, whether RPKI servers are verified the digital certificate of R1 according to CRL and are authorized according to itself strategy decision, and record the address of R1
Information and port number information.
3rd, R1/R4 is synchronous from the ROA information produced to RPKI servers and R1
R1/R4 is in the net that from after producing function, R1/R4 will be originated locally in route to RPKI server registration ROA information
Network prefix notices the ROA information with generating ROA information after local No. AS binding to RPKI servers.R1/R4 can also polymerize
Or form final ROA information after carrying out strategy.Need to carry coming for the ROA information during ROA information that R1/R4 notices produce certainly
Source information and sequence number.In addition, R4 in addition to the notice of RPKI servers from the ROA information produced, can also be acted on behalf of to ROA and set
ROA information of the standby R1 notices from generation.R1 RPKI servers up to when, can and RPKI server sync dynamic ROA databases,
Refreshed according to sequence number synchronization to keep ROA information consistent.R1 can delete RPKI servers and lead to when RPKI servers are unreachable
The static ROA databases of announcement, are externally noticed according to ROA information in local dynamic ROA databases.In addition, ROA information upload procedures
Need the digital certificate using both sides to be encrypted and sign, ensure the correctness and integrality of ROA information, RPKI servers and
R1 is received is managed and safeguards dynamic ROA databases from after the ROA information produced.Then, RPKI servers can be with all BGP
The synchronous local all ROA information to come into force of equipment R1/R2/R3/R4.
4th, RPKI servers to all BGP equipment R1/R2/R3/R4 synchronization ROA information and send agent equipment information
RPKI servers are to all BGP equipment R1/R2/R3/R4 synchronization ROA information.In addition, RPKI servers can also to except
Other BGP equipment R2/R3/R4 sends agent equipment information beyond ROA agent equipments:The address information and port number information of R1.
RPKI servers it is synchronous with R1 from the ROA information produced when be also required to carry the source-information and sequence number of the ROA information, with
ROA information energy accurate synchronizations between R1 and RPKI servers are ensured, and when the BGP equipment to non-ROA agent equipments is synchronous
It need not carry.
There is ROA information sources on RPKI servers:Static ROA, manually imports;Dynamic ROA, is led to by the self-produced generating apparatus of ROA
Accuse.Need to safeguard a dynamic ROA database after collecting the ROA information of the self-produced generating apparatus generations of all ROA on RPKI servers,
Distinguished according to the source-information of ROA information, dynamic ROA databases will be between RPKI servers and ROA agent equipments
Interaction is protected to keep ROA information consistent.
Thus whole ROA completes deployment and the whole network synchronization from the information push of generation, ROA synchronizations and ROA agencies, below
Describe under several RPKI server failures scenes, common BGP equipment and the processing of ROA agent equipments and the self-produced generating apparatus of ROA
Situation, illustrates the validity of the program:
Scene one:
As shown in figure 4, when RPKI server exceptions or network failure cause common BGP equipment R2 and RPKI servers
During TCP disconnectings, all ROA information that R2 agings are noticed by RPKI servers, and initiate ROA letters to ROA agent equipments R1
Breath is synchronous.In addition, run timing device poll original RPKI servers are connected whether normal, continuation and R1 holdings company when unsuccessful by R2
Connect interactive ROA information;The then connection of active break and R1, the ROA information that aging is issued by R1, synchronous RPKI servers during success
The ROA information of notice.Scene one can be used for RPKI server failures or unreachable on common BGP equipment R2, and R2 is acted on behalf of to ROA
Equipment R1 asks the situation of ROA information.
Scene two:
As shown in figure 4, when RPKI server exceptions or network failure cause the self-produced generating apparatus R4 of ROA and RPKI servers
During TCP disconnectings, all ROA information that R4 agings are noticed by RPKI servers, including RPKI services oneself are advertised to before
The ROA information of device, and initiate ROA synchronizing informations to ROA agent equipments R1.In addition, R4 takes run timing device poll original RPKI
Whether device connection of being engaged in normal, continue to keep connecting with R1 when unsuccessful interact ROA information in ROA information, including synchronous R1 with
And the ROA information of oneself generation is noticed to R1;The then connection of active break and R1 during success, the ROA information that aging is issued by R1,
The ROA information of synchronous RPKI servers notice.Wherein, the number using both sides is needed when the ROA information that R4 notices produce certainly is to R1
Word certificate is encrypted and signs, and ensures the correctness and integrality of ROA information.Scene two can be used for the self-produced generating apparatus of ROA
The upper RPKI server failures or unreachable of R4, situations of the R4 to ROA agent equipments R1 request ROA information.
Scene three:
As shown in figure 4, when RPKI server exceptions or network failure cause ROA agent equipments R1 and RPKI servers
During TCP disconnectings, all ROA information that R1 agings are noticed by RPKI servers, only retain it is local from the ROA information produced and
The ROA information that the self-produced generating apparatus of other ROA is actively noticed, subsequently waits other BGP device pollings and run timing device poll former
Whether the connection of RPKI servers is normal:If have other BGP device pollings to come in, R1 is synchronous local all to other BGP equipment
The ROA information to come into force.If have the self-produced generating apparatus of other ROA to R1 upload ROA information, added using the digital certificate of both sides
Close and signature, to verify the self-produced generating apparatus of other ROA from the ROA information produced, and updates local ROA databases.If R1 sheets
During the ROA information changes that ground produces certainly, local ROA databases are updated if RPKI servers are unreachable at this time.If R1 with
RPKI servers recover connection, both will carry the source-information and sequence of the ROA information when noticing the ROA information produced certainly mutually
Row number, to ensure that ROA information updatings are correct.If for example, on R4 from produce ROA information changes when, due to connecting fault not
There is notice to RPKI servers but notify to R1, R1 notices the R4 of RPKI servers from the corresponding sequence of ROA information of generation
Number will be better than the original R4 of RPKI server locals from produce the corresponding sequence number of ROA information, at this time RPKI servers will
Carry out ROA information refresh process.If R4 recovers normal with RPKI servers, R4 renewals will not issue R1 from the ROA information produced,
R1 when being interacted with RPKI servers, gets R4 from the sequence number of the ROA information produced it may determine that whether needing at this time
Renewal is handled.In short, in the case where RPKI servers and ROA agent equipments can mutually reach, ROA information on RPKI servers with
ROA information on ROA agent equipments needs to be consistent.Scene three can be used for RPKI servers event on ROA agent equipments R1
Barrier or inaccessible situation.
Scene four:
As shown in figure 4, after RPKI servers are disconnected with the self-produced generating apparatus of ROA, it is fixed that RPKI servers will run ROA information
When device carry out aging delete processing, while actively notice ROA information changes to corresponding BGP equipment.Scene four can be used for
After the disconnection of RPKI servers is connected with the self-produced generating apparatus of ROA, the situation of the maintenance processing of ROA information on RPKI servers.
Fig. 5 shows the block diagram of the maintenance of information device according to one embodiment of the disclosure.The device can be used for RPKI services
In device.As shown in figure 5, the device includes:
Request receiving module 51, the ROA maintenances of information request of BGP equipment, the ROA maintenances of information are come from for receiving
Request includes the corresponding authentication information of the BGP equipment;Judgment module 52 is authorized, for being corresponded to according to the BGP equipment
Authentication information, judge whether to authorize the BGP equipment that there is ROA maintenances of information, the ROA maintenances of information function
Including generation ROA informational functions and/or agency's issue ROA informational functions;Authorization message sending module 53, for determining to authorize
In the case that the BGP equipment has the function of ROA maintenances of information, sent to the BGP equipment and be used to allow the BGP equipment to have
There is the authorization message of ROA maintenance of information functions.
In one implementation, if determining that the BGP device requests have generation ROA information according to the maintenance request
Function, then described device further include:ROA information receiving modules 54, the ROA of the BGP equipment is come from for receiving and storing
Information, the ROA information is by the BGP equipment according to home network prefix and the generation of local AS information.
In one implementation, if determining that the BGP device requests have agency's issue ROA according to the maintenance request
Informational function, then described device further include:ROA information sending modules 55, for sending ROA information to the BGP equipment, so that
Obtain the BGP equipment and ROA information issues are carried out according to the ROA information received;Agent equipment information sending module 56, for dividing
Agent equipment information is not sent to the corresponding each BGP equipment of the RPKI servers, the agent equipment information includes described
The relevant information of BGP equipment.
The maintenance of information device of the disclosure, ROA information on RPKI servers not only can be by manually importing, but also can be by
BGP equipment is according to home network prefix and the generation of local AS information, thus, it is possible to reduce ROA maintenances of information in RPKI servers
Complexity, reduces cost.In addition, ROA information in RPKI servers can rapider more refresh in time, and to RPKI servers
Corresponding each BGP equipment is synchronous, improves efficiency.
Fig. 6 shows the block diagram of the maintenance of information device according to one embodiment of the disclosure.The device can be used for BGP equipment
In.As shown in fig. 6, the device includes:
Request sending module 61, for sending ROA maintenances of information request to RPKI servers, the ROA maintenances of information please
Ask including the corresponding authentication information of the BGP equipment;Function setting module 62, for receiving the RPKI servers
In the case of the authorization message returned according to the corresponding authentication information of the BGP equipment, there is ROA maintenances of information,
The ROA maintenances of information function includes generation ROA informational functions and/or agency's issue ROA informational functions;Maintenance of information module
63, for carrying out ROA maintenances of information according to the ROA maintenances of information function having.
In one implementation, if having generation ROA informational functions according to the authorization message, described information is safeguarded
Module 63 is additionally operable to:According to the home network prefix of the BGP equipment and local AS information generation ROA information;To the RPKI
Server and/or the BGP equipment with agency's issue ROA informational functions send generated ROA information, so that the RPKI
Server and/or the BGP equipment with agency's issue ROA informational functions carry out ROA information according to the ROA information received
Issue.
In one implementation, if there is agency's issue ROA informational functions, described information according to the authorization message
Maintenance module 63 is additionally operable to:Receive and store and come from the RPKI servers and/or the BGP with generation ROA informational functions
The ROA information of equipment;In the case where receiving the ROA information acquisition requests for coming from other BGP equipment, to it is described other
BGP equipment sends stored ROA information;Wherein, other described BGP equipment and the RPKI servers disconnecting.
The maintenance of information device of the disclosure, RPKI servers and all ROA agent equipments registered through can carry out
ROA information is issued, and thus in the case of other BGP equipment and RPKI server disconnectings, other BGP equipment can be to
ROA agent equipments initiate to inquire about and synchronously, ensure that RPKI servers off-line opisthogenesis AS verifications system is still operating.
Fig. 7 is a kind of block diagram for maintenance of information device 900 according to an exemplary embodiment., should with reference to Fig. 7
Device 900 may include processor 901, be stored with the machinable medium 902 of machine-executable instruction.Processor 901 with
Machinable medium 902 can communicate via system bus 903.Also, processor 901 passes through read machine readable storage medium
Machine-executable instruction corresponding with maintenance of information logic is to perform information maintenance method described above in matter 902.Specifically
Maintaining method may refer to method shown in Fig. 2 and Fig. 3 and above-mentioned specific embodiment, the present embodiment repeat no more this.
Machinable medium 902 referred to herein can be any electronics, magnetism, optics or other physical stores
Device, can include or store information, such as executable instruction, data, etc..For example, machinable medium can be:
RAM (Radom Access Memory, random access memory), volatile memory, nonvolatile memory, flash memory, storage are driven
Dynamic device (such as hard disk drive), solid state hard disc, any kind of storage dish (such as CD, dvd), or similar storage medium,
Or combinations thereof.
The presently disclosed embodiments is described above, described above is exemplary, and non-exclusive, and
It is not limited to disclosed each embodiment.In the case of without departing from the scope and spirit of illustrated each embodiment, for this skill
Many modifications and changes will be apparent from for the those of ordinary skill in art field.The selection of term used herein, purport
Best explaining the principle of each embodiment, practical application or technological improvement to the technology in market, or making the art
Other those of ordinary skill be understood that each embodiment disclosed herein.
Claims (12)
- A kind of 1. information maintenance method, it is characterised in that for RPKI servers, including:The ROA maintenances of information request for coming from BGP equipment is received, the ROA maintenances of information request includes the BGP equipment and corresponds to Authentication information;According to the corresponding authentication information of the BGP equipment, judge whether to authorize the BGP equipment that there is ROA maintenances of information Function, the ROA maintenances of information function include generation ROA informational functions and/or agency's issue ROA informational functions;In the case where determining to authorize the BGP equipment that there is ROA maintenances of information, sent to the BGP equipment and be used to permit Perhaps described BGP equipment has the function of the authorization message of ROA maintenances of information.
- 2. if according to the method described in claim 1, it is characterized in that, determine that the BGP equipment please according to the maintenance request Ask with ROA informational functions are generated, then the method further includes:The ROA information for coming from the BGP equipment is received and stored, the ROA information is by the BGP equipment according to local network Prefix and the generation of local AS information.
- 3. if according to the method described in claim 1, it is characterized in that, determine that the BGP equipment please according to the maintenance request Ask and issue ROA informational functions with agency, then the method further includes:ROA information is sent to the BGP equipment, so that the BGP equipment carries out ROA information according to the ROA information received Issue;Respectively agent equipment information, the agent equipment packet are sent to the corresponding each BGP equipment of the RPKI servers Include the relevant information of the BGP equipment.
- A kind of 4. information maintenance method, it is characterised in that for BGP equipment, including:ROA maintenances of information request is sent to RPKI servers, it is corresponding that the ROA maintenances of information request includes the BGP equipment Authentication information;Receiving the feelings for the authorization message that the RPKI servers are returned according to the corresponding authentication information of the BGP equipment Under condition, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA informational functions and/or agency's issue ROA informational functions;According to ROA maintenances of information function carry out ROA maintenances of information.
- 5. according to the method described in claim 4, it is characterized in that, if generation ROA information work(is had according to the authorization message Can, then ROA maintenances of information are carried out according to the ROA maintenances of information function having, including:According to the home network prefix of the BGP equipment and local AS information generation ROA information;To the RPKI servers and/or the BGP equipment with agency's issue ROA informational functions sends generated ROA information, So that the RPKI servers and/or the BGP equipment with agency's issue ROA informational functions are according to the ROA received Information carries out ROA information issues.
- 6. according to the method described in claim 4, it is characterized in that, if agency's issue ROA letters are had according to the authorization message Function is ceased, then ROA maintenances of information are carried out according to the ROA maintenances of information function having, including:Receive and store the ROA information for coming from the RPKI servers and/or the BGP equipment with generation ROA informational functions;In the case where receiving the ROA information acquisition requests for coming from other BGP equipment, sent to other described BGP equipment The ROA information stored;Wherein, other described BGP equipment and the RPKI servers disconnecting.
- A kind of 7. maintenance of information device, it is characterised in that for RPKI servers, including:Request receiving module, the ROA maintenances of information request of BGP equipment, the ROA maintenances of information request bag are come from for receiving Include the corresponding authentication information of the BGP equipment;Judgment module is authorized, for according to the corresponding authentication information of the BGP equipment, judging whether to authorize the BGP to set Standby to have the function of ROA maintenances of information, the ROA maintenances of information function includes generation ROA informational functions and/or agency's issue ROA Informational function;Authorization message sending module, in the case of there is ROA maintenances of information in the definite mandate BGP equipment, to The BGP equipment, which is sent, to be used to allow the BGP equipment to have the function of the authorization message of ROA maintenances of information.
- 8. device according to claim 7, it is characterised in that if determining that the BGP equipment please according to the maintenance request Ask with ROA informational functions are generated, then described device further includes:ROA information receiving modules, the ROA information of the BGP equipment are come from for receiving and storing, the ROA information is by institute BGP equipment is stated according to home network prefix and the generation of local AS information.
- 9. device according to claim 7, it is characterised in that if determining that the BGP equipment please according to the maintenance request Ask and issue ROA informational functions with agency, then described device further includes:ROA information sending modules, for sending ROA information to the BGP equipment, so that the BGP equipment is according to receiving ROA information carry out ROA information issues;Agent equipment information sending module, sets for sending agency to the corresponding each BGP equipment of the RPKI servers respectively Standby information, the agent equipment information include the relevant information of the BGP equipment.
- A kind of 10. maintenance of information device, it is characterised in that for BGP equipment, including:Request sending module, for sending ROA maintenances of information request to RPKI servers, the ROA maintenances of information request includes The corresponding authentication information of the BGP equipment;Function setting module, for receiving the RPKI servers according to the corresponding authentication information of the BGP equipment In the case of the authorization message of return, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA information Function and/or agency's issue ROA informational functions;Maintenance of information module, for carrying out ROA maintenances of information according to the ROA maintenances of information function having.
- 11. device according to claim 10, it is characterised in that if there is generation ROA information according to the authorization message Function, then described information maintenance module be additionally operable to:According to the home network prefix of the BGP equipment and local AS information generation ROA information;To the RPKI servers and/or the BGP equipment with agency's issue ROA informational functions sends generated ROA information, So that the RPKI servers and/or the BGP equipment with agency's issue ROA informational functions are according to the ROA received Information carries out ROA information issues.
- 12. device according to claim 10, it is characterised in that if there is agency's issue ROA according to the authorization message Informational function, then described information maintenance module be additionally operable to:Receive and store the ROA information for coming from the RPKI servers and/or the BGP equipment with generation ROA informational functions;In the case where receiving the ROA information acquisition requests for coming from other BGP equipment, sent to other described BGP equipment The ROA information stored;Wherein, other described BGP equipment and the RPKI servers disconnecting.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710984944.0A CN107911339B (en) | 2017-10-20 | 2017-10-20 | Information maintenance method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710984944.0A CN107911339B (en) | 2017-10-20 | 2017-10-20 | Information maintenance method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107911339A true CN107911339A (en) | 2018-04-13 |
CN107911339B CN107911339B (en) | 2020-08-11 |
Family
ID=61840777
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710984944.0A Active CN107911339B (en) | 2017-10-20 | 2017-10-20 | Information maintenance method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107911339B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111314285A (en) * | 2019-12-18 | 2020-06-19 | 北京邮电大学 | Method and device for detecting route prefix attack |
US20210158346A1 (en) * | 2019-11-25 | 2021-05-27 | Guangzhou University | Method for certificate transaction validation of blockchain-based resource public key infrastructure |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102763377A (en) * | 2009-12-15 | 2012-10-31 | 电话有限公司 | Method for distributing routing information for redundant connections |
US20150207818A1 (en) * | 2014-01-22 | 2015-07-23 | Cisco Technology, Inc. | Overcoming circular dependencies when bootstrapping an rpki site |
WO2016096005A1 (en) * | 2014-12-18 | 2016-06-23 | Nokia Solutions And Networks Oy | Trusted routing between communication network systems |
US9479475B1 (en) * | 2014-03-17 | 2016-10-25 | Michael E. Mazarick | System and method for IPv4 to IPv6 transition rather than an outage |
CN106453651A (en) * | 2016-11-30 | 2017-02-22 | 中国互联网络信息中心 | RPKI (resource public key infrastructure) database and data synchronization method |
-
2017
- 2017-10-20 CN CN201710984944.0A patent/CN107911339B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102763377A (en) * | 2009-12-15 | 2012-10-31 | 电话有限公司 | Method for distributing routing information for redundant connections |
US20150207818A1 (en) * | 2014-01-22 | 2015-07-23 | Cisco Technology, Inc. | Overcoming circular dependencies when bootstrapping an rpki site |
US9654482B2 (en) * | 2014-01-22 | 2017-05-16 | Cisco Technology, Inc. | Overcoming circular dependencies when bootstrapping an RPKI site |
US9479475B1 (en) * | 2014-03-17 | 2016-10-25 | Michael E. Mazarick | System and method for IPv4 to IPv6 transition rather than an outage |
WO2016096005A1 (en) * | 2014-12-18 | 2016-06-23 | Nokia Solutions And Networks Oy | Trusted routing between communication network systems |
CN107251509A (en) * | 2014-12-18 | 2017-10-13 | 诺基亚通信公司 | Credible route between communications network system |
CN106453651A (en) * | 2016-11-30 | 2017-02-22 | 中国互联网络信息中心 | RPKI (resource public key infrastructure) database and data synchronization method |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20210158346A1 (en) * | 2019-11-25 | 2021-05-27 | Guangzhou University | Method for certificate transaction validation of blockchain-based resource public key infrastructure |
US11521205B2 (en) * | 2019-11-25 | 2022-12-06 | Guangzhou University | Method for certificate transaction validation of blockchain-based resource public key infrastructure |
CN111314285A (en) * | 2019-12-18 | 2020-06-19 | 北京邮电大学 | Method and device for detecting route prefix attack |
Also Published As
Publication number | Publication date |
---|---|
CN107911339B (en) | 2020-08-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106372868B (en) | Verification method and device for transaction data written into block chain | |
EP3742696A1 (en) | Identity management method, equipment, communication network, and storage medium | |
CN102082733B (en) | Portal system and access method thereof | |
JP5975594B2 (en) | Communication terminal and communication system | |
US9154503B2 (en) | Authorization method and terminal device | |
CN110392014A (en) | Communication means and device between internet of things equipment | |
CN109345245A (en) | Short-message verification method, equipment, network and storage medium based on block chain | |
CN104580104A (en) | Method, device and system for identity verification | |
CN106934628A (en) | The generation verification method and system of a kind of passive anti-fake two-dimension code | |
CN109412792A (en) | Generation, authentication method, communication equipment and the storage medium of digital certificate | |
CN112468571B (en) | Intranet and extranet data synchronization method and device, electronic equipment and storage medium | |
CN102970308B (en) | A kind of user authen method and server | |
CN109194633A (en) | Address book backup method and system | |
CN101682511A (en) | Apparatus and method of verifying online certificate for offline device | |
CN107911339A (en) | Information maintenance method and device | |
CN101247295A (en) | Method and device for acquiring access controller information in wireless local area network | |
CN102546523B (en) | Security certification method, system and equipment for internet access | |
CN102056170B (en) | Mobile terminal user authentication method and system | |
US9065692B2 (en) | Information notification apparatus, method, and program product | |
CN107342869B (en) | Credible roll calling method and system based on intelligent terminal | |
CN105447121A (en) | Database cluster connection reestablishing method with high availability | |
CN109379371A (en) | Certification authentication method, apparatus and system | |
CN115296822A (en) | Method and system for realizing service processing | |
CN108833105A (en) | Electric endorsement method and device | |
CN107786525A (en) | The account verification method and device of Webpage |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |