CN107911339A - Information maintenance method and device - Google Patents

Information maintenance method and device Download PDF

Info

Publication number
CN107911339A
CN107911339A CN201710984944.0A CN201710984944A CN107911339A CN 107911339 A CN107911339 A CN 107911339A CN 201710984944 A CN201710984944 A CN 201710984944A CN 107911339 A CN107911339 A CN 107911339A
Authority
CN
China
Prior art keywords
roa
information
bgp equipment
rpki
maintenances
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710984944.0A
Other languages
Chinese (zh)
Other versions
CN107911339B (en
Inventor
苏平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
New H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Technologies Co Ltd filed Critical New H3C Technologies Co Ltd
Priority to CN201710984944.0A priority Critical patent/CN107911339B/en
Publication of CN107911339A publication Critical patent/CN107911339A/en
Application granted granted Critical
Publication of CN107911339B publication Critical patent/CN107911339B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

This disclosure relates to a kind of information maintenance method and device.This method includes:ROA maintenances of information request is sent to RPKI servers, the ROA maintenances of information request includes the corresponding authentication information of the BGP equipment;In the case where receiving the authorization message that the RPKI servers are returned according to the corresponding authentication information of the BGP equipment, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA informational functions and/or agency's issue ROA informational functions;According to ROA maintenances of information function carry out ROA maintenances of information.The information maintenance method and device of the disclosure, can enrich the production method and maintaining method of ROA information, ensure the effective operation of source AS verification systems.

Description

Information maintenance method and device
Technical field
This disclosure relates to field of communication technology, more particularly to a kind of information maintenance method and device.
Background technology
In correlation technique, in RPKI BGP networkings, BGP (Border Gateway Protocol, Border Gateway Protocol) Equipment as RPKI (Resource Public Key Infrastructure, resource public key infrastructure) clients to RPKI server acquisition requests ROA (Route Origination Attestation, the route source visa) information specified.ROA Information includes network prefix (Network-Prefix), mask scope (Mask-Range) and route source No. AS (Origh-AS) Deng the AS (Autonomous System, autonomous system) belonging to some network prefix can be described.BGP equipment is obtaining ROA After information, route source AS verifications can be carried out to the local network prefix learnt.
Fig. 1 shows the schematic diagram of the RPKI BGP networkings in correlation technique.As shown in Figure 1, R1 is asked to RPKI servers ROA information is obtained, for verifying the reliability of network prefix that R1 locally learns to prevent route to be held as a hostage.Wherein, RPKI ROA information in server needs manually to import and safeguard, when there is substantial amounts of network prefix to need to do safety check in network Maintenance cost is higher.Require to upgrade and safeguard ROA information in time in network change, manually import with Maintenance Difficulty to meet to want Ask.In addition, in RPKI BGP networkings in the related art, if there is the situation of BGP equipment and RPKI server disconnectings, Then ROA information can be removed, RPKI mechanism failures so that be not distributed to originally by the network prefix of verification in network And cause serious consequence.
The content of the invention
In view of this, the present disclosure proposes a kind of information maintenance method and device, to solve manually to import in correlation technique With maintenance cost caused by the ROA information safeguarded in RPKI servers it is higher the problem of.
According to the one side of the disclosure, there is provided a kind of information maintenance method, for RPKI servers, including:
The ROA maintenances of information request for coming from BGP equipment is received, the ROA maintenances of information request includes the BGP equipment Corresponding authentication information;
According to the corresponding authentication information of the BGP equipment, judge whether to authorize the BGP equipment that there is ROA information Maintenance function, the ROA maintenances of information function include generation ROA informational functions and/or agency's issue ROA informational functions;
In the case where determining to authorize the BGP equipment that there is ROA maintenances of information, send and use to the BGP equipment There is the authorization message of ROA maintenances of information in the permission BGP equipment.
According to another aspect of the present disclosure, there is provided a kind of information maintenance method, for BGP equipment, including:
ROA maintenances of information request is sent to RPKI servers, the ROA maintenances of information request includes the BGP equipment pair The authentication information answered;
Receiving authorization message of the RPKI servers according to the corresponding authentication information return of the BGP equipment In the case of, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA informational functions and/or agency Issue ROA informational functions;
According to ROA maintenances of information function carry out ROA maintenances of information.
According to another aspect of the present disclosure, there is provided a kind of maintenance of information device, for RPKI servers, including:
Request receiving module, the ROA maintenances of information request of BGP equipment is come from for receiving, the ROA maintenances of information please Ask including the corresponding authentication information of the BGP equipment;
Judgment module is authorized, for according to the corresponding authentication information of the BGP equipment, judging whether described in mandate BGP equipment has the function of ROA maintenances of information, and the ROA maintenances of information function includes generation ROA informational functions and/or agency's hair Cloth ROA informational functions;
Authorization message sending module, for determining to authorize the BGP equipment that there is ROA maintenances of information Under, sent to the BGP equipment and be used to allow the BGP equipment that there is the authorization message of ROA maintenances of information.
According to another aspect of the present disclosure, there is provided a kind of maintenance of information device, for BGP equipment, including:
Request sending module, for sending ROA maintenances of information request, the ROA maintenances of information request to RPKI servers Including the corresponding authentication information of the BGP equipment;
Function setting module, for receiving the RPKI servers according to the corresponding authentication of the BGP equipment In the case of the authorization message that information returns, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA Informational function and/or agency's issue ROA informational functions;
Maintenance of information module, for carrying out ROA maintenances of information according to the ROA maintenances of information function having.
According to another aspect of the present disclosure, there is provided a kind of maintenance of information device, including:Processor;Handled for storage The memory of device executable instruction;Wherein, the processor is configured as performing the above method.
According to another aspect of the present disclosure, there is provided a kind of non-volatile computer readable storage medium storing program for executing, is stored thereon with Computer program instructions, wherein, the computer program instructions realize the above method when being executed by processor.
The information maintenance method and device of the disclosure, can enrich the production method and maintaining method of ROA information, ensure source AS verifies the effective operation of system.ROA information on RPKI servers not only can be by manually importing, but also can be by BGP equipment roots According to home network prefix and the generation of local AS information, the complexity thus, it is possible to reduce ROA maintenances of information in RPKI servers, drop Low cost.In addition, the ROA information in RPKI servers can rapider more refresh in time, and it is corresponding each to RPKI servers A BGP equipment is synchronous, improves efficiency.RPKI servers and all ROA agent equipments registered through can carry out ROA information Issue, thus in the case of other BGP equipment and RPKI server disconnectings, other BGP equipment can be acted on behalf of to ROA and set Preparation, which rises, inquires about and synchronously, ensures that RPKI servers off-line opisthogenesis AS verifications system is still operating.
According to below with reference to the accompanying drawings becoming to detailed description of illustrative embodiments, the further feature and aspect of the disclosure It is clear.
Brief description of the drawings
Comprising in the description and the attached drawing of a part for constitution instruction and specification together illustrate the disclosure Exemplary embodiment, feature and aspect, and for explaining the principle of the disclosure.
Fig. 1 shows the schematic diagram of the RPKI BGP networkings in correlation technique.
Fig. 2 shows the flow chart of the information maintenance method according to one embodiment of the disclosure.
Fig. 3 shows the flow chart of the information maintenance method according to one embodiment of the disclosure.
Fig. 4 shows the schematic diagram of the RPKI BGP networkings according to one embodiment of the disclosure.
Fig. 5 shows the block diagram of the maintenance of information device according to one embodiment of the disclosure.
Fig. 6 shows the block diagram of the maintenance of information device according to one embodiment of the disclosure.
Fig. 7 is a kind of block diagram for maintenance of information device 900 according to an exemplary embodiment.
Embodiment
Describe various exemplary embodiments, feature and the aspect of the disclosure in detail below with reference to attached drawing.It is identical in attached drawing Reference numeral represent functionally the same or similar element.Although the various aspects of embodiment are shown in the drawings, remove Non-specifically point out, it is not necessary to attached drawing drawn to scale.
Dedicated word " exemplary " means " being used as example, embodiment or illustrative " herein.Here as " exemplary " Illustrated any embodiment should not necessarily be construed as preferred or advantageous over other embodiments.
In addition, in order to better illustrate the disclosure, numerous details is given in embodiment below. It will be appreciated by those skilled in the art that without some details, the disclosure can equally be implemented.In some instances, for Method, means, element and circuit well known to those skilled in the art are not described in detail, in order to highlight the purport of the disclosure.
In correlation technique, the address of RPKI servers is configured in BGP equipment and the end of connection is established with RPKI servers After slogan, BGP equipment automatic can establish RPKI with RPKI servers and connect, for interacting ROA information.BGP device configurations RPKI , can be to No. AS progress RPKI verification of IP address (network segment) and route source when BGP equipment receives BGP routes after function.Verification knot Fruit has following three kinds:Not-found, represents that there is no the list item for including the IP address (network segment) in ROA databases.Valid, table Show in ROA databases at least there are the list item that one includes the IP address (network segment), and No. AS in list item and received route Source AS is identical.Invalid, represents at least there are the list item that one includes the IP address (network segment) in ROA databases, but list item In No. AS and received route source AS it is different.It is preferred that RPKI verification results will participate in route.During BGP selection routes first The inaccessible route of next-hop is abandoned, secondly according to RPKI verification results route preferably, i.e., for going to same IP The a plurality of BGP routes of location (network segment), according to RPKI verification results priority Valid, Not found to Invalid from high to low Order, the route of highest priority is optimal route.The route of no RPKI verification results is total in the route with there is verification result During with participating in routeing preferred, handled by Not-found verification results.
Fig. 2 shows the flow chart of the information maintenance method according to one embodiment of the disclosure.This method can be used for RPKI clothes It is engaged in device.As shown in Fig. 2, the method comprising the steps of S21 to step S23.
In the step s 21, the ROA maintenances of information request for coming from BGP equipment is received, ROA maintenances of information request includes The corresponding authentication information of BGP equipment.
In step S22, according to the corresponding authentication information of BGP equipment, judge whether to authorize the BGP equipment to have ROA maintenance of information functions, ROA maintenances of information function include generation ROA informational functions and/or agency's issue ROA informational functions.
In step S23, in the case where determining to authorize the BGP equipment that there is ROA maintenances of information, set to the BGP Preparation is sent for allowing the BGP equipment to have the function of the authorization message of ROA maintenances of information.
In one implementation, ROA maintenances of information request can be provided with flag bit, and RPKI servers are according to flag bit Determine the request content of BGP equipment.For example, in the case that the flag bit in ROA maintenances of information request is 1, RPKI servers Determine that the BGP device requests have generation ROA informational functions;In the case that flag bit in ROA maintenances of information request is 2, RPKI servers determine that the BGP device requests have agency's issue ROA informational functions.
In another implementation, ROA maintenances of information request can include the request of generation ROA authorizing informations and agency's hair Cloth ROA authorizing informations ask two classes.RPKI servers determine the request content of BGP equipment according to request type.For example, receiving In the case of generating the request of ROA authorizing informations, RPKI servers determine that the BGP device requests have generation ROA informational functions; In the case of receiving agency's issue ROA authorizing information requests, RPKI servers determine that there is the BGP device requests agency to issue ROA informational functions.
As an example, RPKI servers receive the generation ROA authorizing informations request for coming from the first BGP equipment, should Generation ROA authorizing information requests include the corresponding authentication information of the first BGP equipment.RPKI servers are set according to the first BGP Standby corresponding authentication information, judges whether to authorize the first BGP equipment to have generation ROA informational functions.RPKI servers exist In the case of determining to authorize the first BGP equipment with generation ROA informational functions, sent to the first BGP equipment and be used to allow first BGP equipment has the authorization message of generation ROA informational functions.
For example, it can newly define the generation request message of PDU (Protocol Data Unit, protocol Data Unit) type With the first back message.Wherein, generate request message to be used to represent generation ROA authorizing information requests, the first back message is used for Response generation ROA authorizing information requests.Identification information and the authentication of the first BGP equipment can be included by generating in request message Information.For example, the first BGP equipment is router, Router Distinguisher (Router ID) sum number can be included by generating in request message Word certificate (Authentication).The first BGP equipment after mandate can use the digital certificate of RPKI servers to carry out body Part certification.
Wherein, the first BGP equipment is the self-produced generating apparatus of ROA, i.e. the first BGP equipment after by RPKI server mandates, Can be according to home network prefix and local AS information generation ROA information.BGP equipment can be the equipment of operation bgp protocol, example Such as bgp router.In RPKI BGP networkings, BGP equipment is believed as RPKI clients to RPKI server acquisition requests ROA Breath.Home network prefix can refer to the local network prefix originated in route, such as 128.14.35.7/20 etc., local AS information Local No. AS can be referred to, such as AS100 etc., the disclosure is without limitation.
Wherein, authentication information can be the digital certificate that BGP equipment obtains after CA/RA agency qualifications.For example, BGP equipment can obtain RPKI after applying successfully by information such as local public keys to CA mechanisms application digital certificate in RA mechanisms CRL (the Certificate Revocation of the relevant information of server, the digital certificate of other BGP equipment and CA/RA mechanisms List, certificate revocation list) etc..BGP equipment can pass through the information and RPKI servers and other BGP equipment of above-mentioned acquisition Between carry out authentication, the disclosure is without limitation.
It should be noted that although body is described as example using the digital certificate obtained after CA/RA agency qualifications Part authentication information as above, it is understood by one of ordinary skill in the art that the disclosure answers not limited to this.Those skilled in the art can root Authentication information is flexibly set according to practical application scene.
In one implementation, if RPKI servers determine that the first BGP device requests have generation according to maintenance request ROA informational functions, then sending the mandate for allowing the first BGP equipment to have generation ROA informational functions to the first BGP equipment After information, this method further includes:RPKI servers receive and store the ROA information for coming from the first BGP equipment, ROA letters Breath is by the first BGP equipment according to home network prefix and the generation of local AS information.
In one implementation, RPKI servers receive and store the ROA information for coming from the first BGP equipment, can be with Including:Receive and store the source-information and sequence number of the ROA information and the ROA information that come from the first BGP equipment.Its In, the source-information of ROA information can be the manufacturer information of ROA information, such as the identification information of the first BGP equipment, sequence Number can be ROA information sequencing numbers.RPKI servers or ROA agent equipments can according to the source-information of ROA information and Sequence number carries out follow-up maintenance to ROA information.
In one implementation, the ROA infomational messages of PDU types can newly be defined.Wherein, ROA infomational messages are used for Represent the message for including ROA information that the first BGP equipment is sent to RPKI servers or ROA agent equipments.In ROA infomational messages It can include the ROA information of the first BGP equipment generation and the source-information and sequence number of the ROA information.For example, the first BGP Equipment is router, can include in ROA infomational messages network prefix (IPv4/IPv6Prefix), No. AS (AS Number), Router Distinguisher (Router ID) and sequence number (Serial Number).
In one implementation, the ROA information manually imported can be stored in static ROA databases by RPKI servers In, the ROA information of the self-produced generating apparatus generations of all ROA is stored in dynamic ROA databases.Static ROA databases and dynamic ROA databases collectively form ROA databases.RPKI servers carry out ROA information issues according to ROA databases.In addition, RPKI takes Be engaged in device can timing in dynamic ROA databases ROA information carry out aging deletion, with ensure dynamic ROA databases take compared with Small memory.
As an example, the first BGP equipment is after the digital certificate that CA/RA mechanisms issue is obtained, to RPKI servers Application generation ROA authorizing informations.RPKI servers receive the generation ROA authorizing informations request for coming from the first BGP equipment, the life Include the digital certificate of the first BGP equipment into the request of ROA authorizing informations.RPKI servers are demonstrate,proved according to the numeral of the first BGP equipment Whether book, the CRL obtained from CA/RA mechanisms simultaneously authorize the first BGP equipment to have generation ROA information work(with reference to itself strategy decision Energy.In the case where determining to authorize the first BGP equipment to have generation ROA informational functions, RPKI servers are sent out to the first BGP equipment Send the authorization message for allowing the first BGP equipment that there is generation ROA informational functions.Thus the first BGP equipment can be according to this Ground network prefix and local AS information generation ROA information.
The information maintenance method of the disclosure, ROA information on RPKI servers not only can be by manually importing, but also can be by BGP equipment is according to home network prefix and the generation of local AS information, thus, it is possible to reduce ROA maintenances of information in RPKI servers Complexity, reduces cost.In addition, ROA information in RPKI servers can rapider more refresh in time, and to RPKI servers Corresponding each BGP equipment is synchronous, improves efficiency.
As an example, agency's issue ROA authorizing informations that the reception of RPKI servers comes from the 2nd BGP equipment please Ask, which, which issues the request of ROA authorizing informations, includes the corresponding authentication information of the 2nd BGP equipment.RPKI servers according to The corresponding authentication information of 2nd BGP equipment, judges whether to authorize the 2nd BGP equipment to have agency's issue ROA informational functions. RPKI servers are in the case where determining to authorize the 2nd BGP equipment to have agency's issue ROA informational functions, to the 2nd BGP equipment ROA information is sent, so that the 2nd BGP equipment carries out ROA information issues according to the ROA information received.
For example, it can newly define the proxy requests message and the second back message of PDU types.Wherein, proxy requests message For representing to act on behalf of issue ROA authorizing information requests, the second back message is used for response agent issue ROA authorizing information requests. It can include the identification information and authentication information of the 2nd BGP equipment in proxy requests message.For example, the 2nd BGP equipment is Router, can include Router Distinguisher (Router ID) and digital certificate (Authentication) in proxy requests message. The 2nd BGP equipment after mandate can use the digital certificate of RPKI servers to carry out authentication.
Wherein, the 2nd BGP equipment is ROA agent equipments, i.e., the 2nd BGP equipment is after by RPKI server mandates, energy It is enough that ROA information issues are carried out according to the ROA information stored.If the first BGP equipment is not present in RPKI BGP networkings, second The ROA databases that what BGP equipment received come from RPKI servers are static state ROA databases.If deposited in RPKI BGP networkings In the first BGP equipment, then the ROA databases for coming from RPKI servers that the 2nd BGP equipment receives are static state ROA databases With dynamic ROA databases.
In one implementation, if RPKI servers determine that the 2nd BGP device requests have agency according to maintenance request ROA informational functions are issued, then after determining to authorize the 2nd BGP equipment to have agency's issue ROA informational functions, this method is also wrapped Include:RPKI servers send agent equipment information to corresponding each BGP equipment respectively, and agent equipment information includes the 2nd BGP The relevant information of equipment.
In one implementation, RPKI servers send agent equipment information to corresponding each BGP equipment respectively, can With including:All ROA agent equipments registered through are sent to the corresponding each BGP equipment of RPKI servers respectively to correspond to Agent equipment information.Wherein, agent equipment information can include address information (Address) and the port of ROA agent equipments Number information (Port).
As an example, the 2nd BGP equipment is after the digital certificate that CA/RA mechanisms issue is obtained, to RPKI servers Application agency's issue ROA authorizing informations.RPKI servers receive the agency's issue ROA authorizing informations for coming from the 2nd BGP equipment Request, which, which issues the request of ROA authorizing informations, includes the digital certificate of the 2nd BGP equipment.RPKI servers are according to the 2nd BGP Whether the digital certificate of equipment, the CRL obtained from CA/RA mechanisms simultaneously authorize the 2nd BGP equipment to have with reference to itself strategy decision Agency's issue ROA informational functions.In the case where determining to authorize the 2nd BGP equipment that there is agency's issue ROA informational functions, RPKI Server sends ROA information to the 2nd BGP equipment.RPKI servers record the address information and port numbers letter of the 2nd BGP equipment Breath, the corresponding agent equipment information of the 2nd BGP equipment of generation, and sent respectively to the corresponding each BGP equipment of RPKI servers Agent equipment information.Thus the 2nd BGP equipment can carry out ROA information issues according to the ROA information stored, respond other The ROA information inquiries and synchronization of BGP equipment.
The information maintenance method of the disclosure, RPKI servers and all ROA agent equipments registered through can carry out ROA information is issued, and thus in the case of other BGP equipment and RPKI server disconnectings, other BGP equipment can be to ROA agent equipments initiate to inquire about and synchronously, ensure that RPKI servers off-line opisthogenesis AS verifications system is still operating.
Fig. 3 shows the flow chart of the information maintenance method according to one embodiment of the disclosure.This method can be used for BGP equipment In.As shown in figure 3, the method comprising the steps of S31 to step S33.
In step S31, ROA maintenances of information request is sent to RPKI servers, ROA maintenances of information request includes should The corresponding authentication information of BGP equipment.
In step s 32, RPKI servers awarding according to the corresponding authentication information return of the BGP equipment is being received In the case of weighing information, there is ROA maintenances of information, ROA maintenances of information function includes generation ROA informational functions and/or generation Haircut cloth ROA informational functions.
In step S33, according to ROA maintenances of information function carry out ROA maintenances of information.
In one implementation, the first BGP equipment sends generation ROA authorizing information requests, the life to RPKI servers Include the corresponding authentication information of the first BGP equipment into the request of ROA authorizing informations.First BGP equipment is receiving RPKI clothes In the case of authorization message of the device according to the corresponding authentication information return of the first BGP equipment of being engaged in, according to the first BGP equipment Home network prefix and local AS information generation ROA information.First BGP equipment sends generated ROA to RPKI servers and believes Breath.
In one implementation, the first BGP equipment receives the agent equipment information for coming from RPKI servers, the agency Facility information includes the relevant information of the 2nd BGP equipment.First BGP equipment is according to home network prefix and the generation of local AS information ROA information, generated ROA information is sent to the 2nd BGP equipment.
In one implementation, the first BGP equipment is deleted in the case where detecting with RPKI server disconnectings What is received comes from the ROA information of RPKI servers.First BGP equipment sends ROA acquisition of information to the 2nd BGP equipment please Ask.First BGP equipment receives and stores the ROA information for coming from the 2nd BGP equipment.
Wherein, BGP equipment including user after RPKI server disconnectings with (not performing Shutdown order down interfaces Caused connection disconnects), BGP equipment can attempt to re-establish with RPKI servers and be connected, and will be obtained from RPKI servers ROA information is set to ageing state, and BGP equipment will perform following operation:If in ageing time, BGP equipment takes with RPKI again Business device establishes connection, then releases the ageing state of ROA information.If until ageing time time-out, BGP equipment and RPKI server Still connection can not be re-established, then deletes the ROA information.The corresponding value range of ageing time of ROA information can be 30 ~360 seconds.
In one implementation, the 2nd BGP equipment sends agency's issue ROA authorizing information requests to RPKI servers, The agency, which issues the request of ROA authorizing informations, includes the corresponding authentication information of the 2nd BGP equipment.2nd BGP equipment receives simultaneously Storage comes from the ROA information of RPKI servers.2nd BGP equipment carries out ROA information issues according to the ROA information stored.
In one implementation, the 2nd BGP equipment receive come from the 3rd BGP equipment ROA acquisition of information please In the case of asking, stored ROA information is sent to the 3rd BGP equipment;Wherein, the 3rd BGP equipment is connected with RPKI servers Interrupt.
Wherein, the 3rd BGP equipment can be the BGP equipment with RPKI server disconnectings.In other words, the disclosure only limits The connection status of the 3rd BGP equipment and RPKI servers is made, the type without limiting the 3rd BGP equipment, the 3rd BGP equipment can be with For the self-produced generating apparatus of ROA, ROA agent equipments or common BGP equipment.
In one implementation, the 2nd BGP equipment receives and stores the ROA information for coming from the first BGP equipment, should ROA information is by the first BGP equipment according to home network prefix and the generation of local AS information.2nd BGP equipment detect with In the case of RPKI server disconnectings, the ROA information for coming from RPKI servers received is deleted, and according to being stored Come from the first BGP equipment ROA information carry out ROA information issues.
Fig. 4 shows the schematic diagram of the RPKI BGP networkings according to one embodiment of the disclosure.BGP equipment can be drawn in present case It is divided into 3 kinds:Common BGP equipment, the self-produced generating apparatus of ROA and ROA agent equipments.As shown in figure 4, R1 for the self-produced generating apparatus of ROA and ROA agent equipments, R4 are the self-produced generating apparatus of ROA, and R2/R3 is common BGP equipment, and following steps describe whole synchronizing process:
1st, R1/R4 as terminal PKI (Public Key Infrastructure, Public Key Infrastructure) entities to CA/RA Mechanism application digital certificate
R1/R4, to CA mechanisms application digital certificate, is obtained by information such as local public keys after applying successfully in RA mechanisms The CRL of the relevant information of RPKI servers, the digital certificate of other BGP equipment and CA/RA mechanisms, CRL have recorded CA mechanisms The sequence number of digital certificate through revoking and its revoke the information such as date.
2nd, R1/R4 also registers ROA information agencies issue at the same time to RPKI server registration ROA information from function, R1 is produced Function
To RPKI server application ROA information from producing function, when application, needs to hold what CA/RA mechanisms issued R1/R4 Whether digital certificate, RPKI servers are verified the digital certificate of R1/R4 according to CRL and are authorized according to itself strategy decision.In addition, To RPKI server application ROA information agency issuing functions, when application, is also required to hold the numeral card that CA/RA mechanisms issue R1 Book, whether RPKI servers are verified the digital certificate of R1 according to CRL and are authorized according to itself strategy decision, and record the address of R1 Information and port number information.
3rd, R1/R4 is synchronous from the ROA information produced to RPKI servers and R1
R1/R4 is in the net that from after producing function, R1/R4 will be originated locally in route to RPKI server registration ROA information Network prefix notices the ROA information with generating ROA information after local No. AS binding to RPKI servers.R1/R4 can also polymerize Or form final ROA information after carrying out strategy.Need to carry coming for the ROA information during ROA information that R1/R4 notices produce certainly Source information and sequence number.In addition, R4 in addition to the notice of RPKI servers from the ROA information produced, can also be acted on behalf of to ROA and set ROA information of the standby R1 notices from generation.R1 RPKI servers up to when, can and RPKI server sync dynamic ROA databases, Refreshed according to sequence number synchronization to keep ROA information consistent.R1 can delete RPKI servers and lead to when RPKI servers are unreachable The static ROA databases of announcement, are externally noticed according to ROA information in local dynamic ROA databases.In addition, ROA information upload procedures Need the digital certificate using both sides to be encrypted and sign, ensure the correctness and integrality of ROA information, RPKI servers and R1 is received is managed and safeguards dynamic ROA databases from after the ROA information produced.Then, RPKI servers can be with all BGP The synchronous local all ROA information to come into force of equipment R1/R2/R3/R4.
4th, RPKI servers to all BGP equipment R1/R2/R3/R4 synchronization ROA information and send agent equipment information
RPKI servers are to all BGP equipment R1/R2/R3/R4 synchronization ROA information.In addition, RPKI servers can also to except Other BGP equipment R2/R3/R4 sends agent equipment information beyond ROA agent equipments:The address information and port number information of R1. RPKI servers it is synchronous with R1 from the ROA information produced when be also required to carry the source-information and sequence number of the ROA information, with ROA information energy accurate synchronizations between R1 and RPKI servers are ensured, and when the BGP equipment to non-ROA agent equipments is synchronous It need not carry.
There is ROA information sources on RPKI servers:Static ROA, manually imports;Dynamic ROA, is led to by the self-produced generating apparatus of ROA Accuse.Need to safeguard a dynamic ROA database after collecting the ROA information of the self-produced generating apparatus generations of all ROA on RPKI servers, Distinguished according to the source-information of ROA information, dynamic ROA databases will be between RPKI servers and ROA agent equipments Interaction is protected to keep ROA information consistent.
Thus whole ROA completes deployment and the whole network synchronization from the information push of generation, ROA synchronizations and ROA agencies, below Describe under several RPKI server failures scenes, common BGP equipment and the processing of ROA agent equipments and the self-produced generating apparatus of ROA Situation, illustrates the validity of the program:
Scene one:
As shown in figure 4, when RPKI server exceptions or network failure cause common BGP equipment R2 and RPKI servers During TCP disconnectings, all ROA information that R2 agings are noticed by RPKI servers, and initiate ROA letters to ROA agent equipments R1 Breath is synchronous.In addition, run timing device poll original RPKI servers are connected whether normal, continuation and R1 holdings company when unsuccessful by R2 Connect interactive ROA information;The then connection of active break and R1, the ROA information that aging is issued by R1, synchronous RPKI servers during success The ROA information of notice.Scene one can be used for RPKI server failures or unreachable on common BGP equipment R2, and R2 is acted on behalf of to ROA Equipment R1 asks the situation of ROA information.
Scene two:
As shown in figure 4, when RPKI server exceptions or network failure cause the self-produced generating apparatus R4 of ROA and RPKI servers During TCP disconnectings, all ROA information that R4 agings are noticed by RPKI servers, including RPKI services oneself are advertised to before The ROA information of device, and initiate ROA synchronizing informations to ROA agent equipments R1.In addition, R4 takes run timing device poll original RPKI Whether device connection of being engaged in normal, continue to keep connecting with R1 when unsuccessful interact ROA information in ROA information, including synchronous R1 with And the ROA information of oneself generation is noticed to R1;The then connection of active break and R1 during success, the ROA information that aging is issued by R1, The ROA information of synchronous RPKI servers notice.Wherein, the number using both sides is needed when the ROA information that R4 notices produce certainly is to R1 Word certificate is encrypted and signs, and ensures the correctness and integrality of ROA information.Scene two can be used for the self-produced generating apparatus of ROA The upper RPKI server failures or unreachable of R4, situations of the R4 to ROA agent equipments R1 request ROA information.
Scene three:
As shown in figure 4, when RPKI server exceptions or network failure cause ROA agent equipments R1 and RPKI servers During TCP disconnectings, all ROA information that R1 agings are noticed by RPKI servers, only retain it is local from the ROA information produced and The ROA information that the self-produced generating apparatus of other ROA is actively noticed, subsequently waits other BGP device pollings and run timing device poll former Whether the connection of RPKI servers is normal:If have other BGP device pollings to come in, R1 is synchronous local all to other BGP equipment The ROA information to come into force.If have the self-produced generating apparatus of other ROA to R1 upload ROA information, added using the digital certificate of both sides Close and signature, to verify the self-produced generating apparatus of other ROA from the ROA information produced, and updates local ROA databases.If R1 sheets During the ROA information changes that ground produces certainly, local ROA databases are updated if RPKI servers are unreachable at this time.If R1 with RPKI servers recover connection, both will carry the source-information and sequence of the ROA information when noticing the ROA information produced certainly mutually Row number, to ensure that ROA information updatings are correct.If for example, on R4 from produce ROA information changes when, due to connecting fault not There is notice to RPKI servers but notify to R1, R1 notices the R4 of RPKI servers from the corresponding sequence of ROA information of generation Number will be better than the original R4 of RPKI server locals from produce the corresponding sequence number of ROA information, at this time RPKI servers will Carry out ROA information refresh process.If R4 recovers normal with RPKI servers, R4 renewals will not issue R1 from the ROA information produced, R1 when being interacted with RPKI servers, gets R4 from the sequence number of the ROA information produced it may determine that whether needing at this time Renewal is handled.In short, in the case where RPKI servers and ROA agent equipments can mutually reach, ROA information on RPKI servers with ROA information on ROA agent equipments needs to be consistent.Scene three can be used for RPKI servers event on ROA agent equipments R1 Barrier or inaccessible situation.
Scene four:
As shown in figure 4, after RPKI servers are disconnected with the self-produced generating apparatus of ROA, it is fixed that RPKI servers will run ROA information When device carry out aging delete processing, while actively notice ROA information changes to corresponding BGP equipment.Scene four can be used for After the disconnection of RPKI servers is connected with the self-produced generating apparatus of ROA, the situation of the maintenance processing of ROA information on RPKI servers.
Fig. 5 shows the block diagram of the maintenance of information device according to one embodiment of the disclosure.The device can be used for RPKI services In device.As shown in figure 5, the device includes:
Request receiving module 51, the ROA maintenances of information request of BGP equipment, the ROA maintenances of information are come from for receiving Request includes the corresponding authentication information of the BGP equipment;Judgment module 52 is authorized, for being corresponded to according to the BGP equipment Authentication information, judge whether to authorize the BGP equipment that there is ROA maintenances of information, the ROA maintenances of information function Including generation ROA informational functions and/or agency's issue ROA informational functions;Authorization message sending module 53, for determining to authorize In the case that the BGP equipment has the function of ROA maintenances of information, sent to the BGP equipment and be used to allow the BGP equipment to have There is the authorization message of ROA maintenance of information functions.
In one implementation, if determining that the BGP device requests have generation ROA information according to the maintenance request Function, then described device further include:ROA information receiving modules 54, the ROA of the BGP equipment is come from for receiving and storing Information, the ROA information is by the BGP equipment according to home network prefix and the generation of local AS information.
In one implementation, if determining that the BGP device requests have agency's issue ROA according to the maintenance request Informational function, then described device further include:ROA information sending modules 55, for sending ROA information to the BGP equipment, so that Obtain the BGP equipment and ROA information issues are carried out according to the ROA information received;Agent equipment information sending module 56, for dividing Agent equipment information is not sent to the corresponding each BGP equipment of the RPKI servers, the agent equipment information includes described The relevant information of BGP equipment.
The maintenance of information device of the disclosure, ROA information on RPKI servers not only can be by manually importing, but also can be by BGP equipment is according to home network prefix and the generation of local AS information, thus, it is possible to reduce ROA maintenances of information in RPKI servers Complexity, reduces cost.In addition, ROA information in RPKI servers can rapider more refresh in time, and to RPKI servers Corresponding each BGP equipment is synchronous, improves efficiency.
Fig. 6 shows the block diagram of the maintenance of information device according to one embodiment of the disclosure.The device can be used for BGP equipment In.As shown in fig. 6, the device includes:
Request sending module 61, for sending ROA maintenances of information request to RPKI servers, the ROA maintenances of information please Ask including the corresponding authentication information of the BGP equipment;Function setting module 62, for receiving the RPKI servers In the case of the authorization message returned according to the corresponding authentication information of the BGP equipment, there is ROA maintenances of information, The ROA maintenances of information function includes generation ROA informational functions and/or agency's issue ROA informational functions;Maintenance of information module 63, for carrying out ROA maintenances of information according to the ROA maintenances of information function having.
In one implementation, if having generation ROA informational functions according to the authorization message, described information is safeguarded Module 63 is additionally operable to:According to the home network prefix of the BGP equipment and local AS information generation ROA information;To the RPKI Server and/or the BGP equipment with agency's issue ROA informational functions send generated ROA information, so that the RPKI Server and/or the BGP equipment with agency's issue ROA informational functions carry out ROA information according to the ROA information received Issue.
In one implementation, if there is agency's issue ROA informational functions, described information according to the authorization message Maintenance module 63 is additionally operable to:Receive and store and come from the RPKI servers and/or the BGP with generation ROA informational functions The ROA information of equipment;In the case where receiving the ROA information acquisition requests for coming from other BGP equipment, to it is described other BGP equipment sends stored ROA information;Wherein, other described BGP equipment and the RPKI servers disconnecting.
The maintenance of information device of the disclosure, RPKI servers and all ROA agent equipments registered through can carry out ROA information is issued, and thus in the case of other BGP equipment and RPKI server disconnectings, other BGP equipment can be to ROA agent equipments initiate to inquire about and synchronously, ensure that RPKI servers off-line opisthogenesis AS verifications system is still operating.
Fig. 7 is a kind of block diagram for maintenance of information device 900 according to an exemplary embodiment., should with reference to Fig. 7 Device 900 may include processor 901, be stored with the machinable medium 902 of machine-executable instruction.Processor 901 with Machinable medium 902 can communicate via system bus 903.Also, processor 901 passes through read machine readable storage medium Machine-executable instruction corresponding with maintenance of information logic is to perform information maintenance method described above in matter 902.Specifically Maintaining method may refer to method shown in Fig. 2 and Fig. 3 and above-mentioned specific embodiment, the present embodiment repeat no more this.
Machinable medium 902 referred to herein can be any electronics, magnetism, optics or other physical stores Device, can include or store information, such as executable instruction, data, etc..For example, machinable medium can be: RAM (Radom Access Memory, random access memory), volatile memory, nonvolatile memory, flash memory, storage are driven Dynamic device (such as hard disk drive), solid state hard disc, any kind of storage dish (such as CD, dvd), or similar storage medium, Or combinations thereof.
The presently disclosed embodiments is described above, described above is exemplary, and non-exclusive, and It is not limited to disclosed each embodiment.In the case of without departing from the scope and spirit of illustrated each embodiment, for this skill Many modifications and changes will be apparent from for the those of ordinary skill in art field.The selection of term used herein, purport Best explaining the principle of each embodiment, practical application or technological improvement to the technology in market, or making the art Other those of ordinary skill be understood that each embodiment disclosed herein.

Claims (12)

  1. A kind of 1. information maintenance method, it is characterised in that for RPKI servers, including:
    The ROA maintenances of information request for coming from BGP equipment is received, the ROA maintenances of information request includes the BGP equipment and corresponds to Authentication information;
    According to the corresponding authentication information of the BGP equipment, judge whether to authorize the BGP equipment that there is ROA maintenances of information Function, the ROA maintenances of information function include generation ROA informational functions and/or agency's issue ROA informational functions;
    In the case where determining to authorize the BGP equipment that there is ROA maintenances of information, sent to the BGP equipment and be used to permit Perhaps described BGP equipment has the function of the authorization message of ROA maintenances of information.
  2. 2. if according to the method described in claim 1, it is characterized in that, determine that the BGP equipment please according to the maintenance request Ask with ROA informational functions are generated, then the method further includes:
    The ROA information for coming from the BGP equipment is received and stored, the ROA information is by the BGP equipment according to local network Prefix and the generation of local AS information.
  3. 3. if according to the method described in claim 1, it is characterized in that, determine that the BGP equipment please according to the maintenance request Ask and issue ROA informational functions with agency, then the method further includes:
    ROA information is sent to the BGP equipment, so that the BGP equipment carries out ROA information according to the ROA information received Issue;
    Respectively agent equipment information, the agent equipment packet are sent to the corresponding each BGP equipment of the RPKI servers Include the relevant information of the BGP equipment.
  4. A kind of 4. information maintenance method, it is characterised in that for BGP equipment, including:
    ROA maintenances of information request is sent to RPKI servers, it is corresponding that the ROA maintenances of information request includes the BGP equipment Authentication information;
    Receiving the feelings for the authorization message that the RPKI servers are returned according to the corresponding authentication information of the BGP equipment Under condition, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA informational functions and/or agency's issue ROA informational functions;
    According to ROA maintenances of information function carry out ROA maintenances of information.
  5. 5. according to the method described in claim 4, it is characterized in that, if generation ROA information work(is had according to the authorization message Can, then ROA maintenances of information are carried out according to the ROA maintenances of information function having, including:
    According to the home network prefix of the BGP equipment and local AS information generation ROA information;
    To the RPKI servers and/or the BGP equipment with agency's issue ROA informational functions sends generated ROA information, So that the RPKI servers and/or the BGP equipment with agency's issue ROA informational functions are according to the ROA received Information carries out ROA information issues.
  6. 6. according to the method described in claim 4, it is characterized in that, if agency's issue ROA letters are had according to the authorization message Function is ceased, then ROA maintenances of information are carried out according to the ROA maintenances of information function having, including:
    Receive and store the ROA information for coming from the RPKI servers and/or the BGP equipment with generation ROA informational functions;
    In the case where receiving the ROA information acquisition requests for coming from other BGP equipment, sent to other described BGP equipment The ROA information stored;Wherein, other described BGP equipment and the RPKI servers disconnecting.
  7. A kind of 7. maintenance of information device, it is characterised in that for RPKI servers, including:
    Request receiving module, the ROA maintenances of information request of BGP equipment, the ROA maintenances of information request bag are come from for receiving Include the corresponding authentication information of the BGP equipment;
    Judgment module is authorized, for according to the corresponding authentication information of the BGP equipment, judging whether to authorize the BGP to set Standby to have the function of ROA maintenances of information, the ROA maintenances of information function includes generation ROA informational functions and/or agency's issue ROA Informational function;
    Authorization message sending module, in the case of there is ROA maintenances of information in the definite mandate BGP equipment, to The BGP equipment, which is sent, to be used to allow the BGP equipment to have the function of the authorization message of ROA maintenances of information.
  8. 8. device according to claim 7, it is characterised in that if determining that the BGP equipment please according to the maintenance request Ask with ROA informational functions are generated, then described device further includes:
    ROA information receiving modules, the ROA information of the BGP equipment are come from for receiving and storing, the ROA information is by institute BGP equipment is stated according to home network prefix and the generation of local AS information.
  9. 9. device according to claim 7, it is characterised in that if determining that the BGP equipment please according to the maintenance request Ask and issue ROA informational functions with agency, then described device further includes:
    ROA information sending modules, for sending ROA information to the BGP equipment, so that the BGP equipment is according to receiving ROA information carry out ROA information issues;
    Agent equipment information sending module, sets for sending agency to the corresponding each BGP equipment of the RPKI servers respectively Standby information, the agent equipment information include the relevant information of the BGP equipment.
  10. A kind of 10. maintenance of information device, it is characterised in that for BGP equipment, including:
    Request sending module, for sending ROA maintenances of information request to RPKI servers, the ROA maintenances of information request includes The corresponding authentication information of the BGP equipment;
    Function setting module, for receiving the RPKI servers according to the corresponding authentication information of the BGP equipment In the case of the authorization message of return, there is ROA maintenances of information, the ROA maintenances of information function includes generation ROA information Function and/or agency's issue ROA informational functions;
    Maintenance of information module, for carrying out ROA maintenances of information according to the ROA maintenances of information function having.
  11. 11. device according to claim 10, it is characterised in that if there is generation ROA information according to the authorization message Function, then described information maintenance module be additionally operable to:
    According to the home network prefix of the BGP equipment and local AS information generation ROA information;
    To the RPKI servers and/or the BGP equipment with agency's issue ROA informational functions sends generated ROA information, So that the RPKI servers and/or the BGP equipment with agency's issue ROA informational functions are according to the ROA received Information carries out ROA information issues.
  12. 12. device according to claim 10, it is characterised in that if there is agency's issue ROA according to the authorization message Informational function, then described information maintenance module be additionally operable to:
    Receive and store the ROA information for coming from the RPKI servers and/or the BGP equipment with generation ROA informational functions;
    In the case where receiving the ROA information acquisition requests for coming from other BGP equipment, sent to other described BGP equipment The ROA information stored;Wherein, other described BGP equipment and the RPKI servers disconnecting.
CN201710984944.0A 2017-10-20 2017-10-20 Information maintenance method and device Active CN107911339B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710984944.0A CN107911339B (en) 2017-10-20 2017-10-20 Information maintenance method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710984944.0A CN107911339B (en) 2017-10-20 2017-10-20 Information maintenance method and device

Publications (2)

Publication Number Publication Date
CN107911339A true CN107911339A (en) 2018-04-13
CN107911339B CN107911339B (en) 2020-08-11

Family

ID=61840777

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710984944.0A Active CN107911339B (en) 2017-10-20 2017-10-20 Information maintenance method and device

Country Status (1)

Country Link
CN (1) CN107911339B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111314285A (en) * 2019-12-18 2020-06-19 北京邮电大学 Method and device for detecting route prefix attack
US20210158346A1 (en) * 2019-11-25 2021-05-27 Guangzhou University Method for certificate transaction validation of blockchain-based resource public key infrastructure

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102763377A (en) * 2009-12-15 2012-10-31 电话有限公司 Method for distributing routing information for redundant connections
US20150207818A1 (en) * 2014-01-22 2015-07-23 Cisco Technology, Inc. Overcoming circular dependencies when bootstrapping an rpki site
WO2016096005A1 (en) * 2014-12-18 2016-06-23 Nokia Solutions And Networks Oy Trusted routing between communication network systems
US9479475B1 (en) * 2014-03-17 2016-10-25 Michael E. Mazarick System and method for IPv4 to IPv6 transition rather than an outage
CN106453651A (en) * 2016-11-30 2017-02-22 中国互联网络信息中心 RPKI (resource public key infrastructure) database and data synchronization method

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102763377A (en) * 2009-12-15 2012-10-31 电话有限公司 Method for distributing routing information for redundant connections
US20150207818A1 (en) * 2014-01-22 2015-07-23 Cisco Technology, Inc. Overcoming circular dependencies when bootstrapping an rpki site
US9654482B2 (en) * 2014-01-22 2017-05-16 Cisco Technology, Inc. Overcoming circular dependencies when bootstrapping an RPKI site
US9479475B1 (en) * 2014-03-17 2016-10-25 Michael E. Mazarick System and method for IPv4 to IPv6 transition rather than an outage
WO2016096005A1 (en) * 2014-12-18 2016-06-23 Nokia Solutions And Networks Oy Trusted routing between communication network systems
CN107251509A (en) * 2014-12-18 2017-10-13 诺基亚通信公司 Credible route between communications network system
CN106453651A (en) * 2016-11-30 2017-02-22 中国互联网络信息中心 RPKI (resource public key infrastructure) database and data synchronization method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210158346A1 (en) * 2019-11-25 2021-05-27 Guangzhou University Method for certificate transaction validation of blockchain-based resource public key infrastructure
US11521205B2 (en) * 2019-11-25 2022-12-06 Guangzhou University Method for certificate transaction validation of blockchain-based resource public key infrastructure
CN111314285A (en) * 2019-12-18 2020-06-19 北京邮电大学 Method and device for detecting route prefix attack

Also Published As

Publication number Publication date
CN107911339B (en) 2020-08-11

Similar Documents

Publication Publication Date Title
CN106372868B (en) Verification method and device for transaction data written into block chain
EP3742696A1 (en) Identity management method, equipment, communication network, and storage medium
CN102082733B (en) Portal system and access method thereof
JP5975594B2 (en) Communication terminal and communication system
US9154503B2 (en) Authorization method and terminal device
CN110392014A (en) Communication means and device between internet of things equipment
CN109345245A (en) Short-message verification method, equipment, network and storage medium based on block chain
CN104580104A (en) Method, device and system for identity verification
CN106934628A (en) The generation verification method and system of a kind of passive anti-fake two-dimension code
CN109412792A (en) Generation, authentication method, communication equipment and the storage medium of digital certificate
CN112468571B (en) Intranet and extranet data synchronization method and device, electronic equipment and storage medium
CN102970308B (en) A kind of user authen method and server
CN109194633A (en) Address book backup method and system
CN101682511A (en) Apparatus and method of verifying online certificate for offline device
CN107911339A (en) Information maintenance method and device
CN101247295A (en) Method and device for acquiring access controller information in wireless local area network
CN102546523B (en) Security certification method, system and equipment for internet access
CN102056170B (en) Mobile terminal user authentication method and system
US9065692B2 (en) Information notification apparatus, method, and program product
CN107342869B (en) Credible roll calling method and system based on intelligent terminal
CN105447121A (en) Database cluster connection reestablishing method with high availability
CN109379371A (en) Certification authentication method, apparatus and system
CN115296822A (en) Method and system for realizing service processing
CN108833105A (en) Electric endorsement method and device
CN107786525A (en) The account verification method and device of Webpage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant