CN108183885A - A kind of data leakage prevention method and system based on ICAP agreements - Google Patents
A kind of data leakage prevention method and system based on ICAP agreements Download PDFInfo
- Publication number
- CN108183885A CN108183885A CN201711279452.8A CN201711279452A CN108183885A CN 108183885 A CN108183885 A CN 108183885A CN 201711279452 A CN201711279452 A CN 201711279452A CN 108183885 A CN108183885 A CN 108183885A
- Authority
- CN
- China
- Prior art keywords
- icap
- http
- http request
- proxy server
- servers
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/133—Protocols for remote procedure calls [RPC]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/565—Conversion or adaptation of application format or content
Abstract
The invention discloses a kind of data leakage prevention method and system based on ICAP agreements, which includes:Client, http proxy server, ICAP servers and HTTP server;Client sends HTTP request to http proxy server;HTTP request is encapsulated as ICAP requests by http proxy server, and is sent to ICAP servers;HTTP request content in the parsing ICAP requests of ICAP servers, and will determine that result is back to http proxy server;Http proxy server according to ICAP servers return as a result, deciding whether that subsequent HTTP request directly is sent to HTTP server;After http proxy server receives the response of ICAP servers return, the HTPP for allowing outgoing is asked, the HTTP request after ICAP server process is sent to HTTP server.With this solution, Information Security is improved, improves efficiency.
Description
Technical field
The present invention relates to data security arts, and in particular to a kind of data leakage prevention method based on ICAP agreements and is
System.
Background technology
Gateway proxy is one kind of proxy server, he provides agency service just for gateway, it is from one to URL
Browser is to an external network server and returns the result the system for transmitting a request.
ICAP agreements, be Internet Content Adaptation Protocol abbreviation it inherently exist
On HTTP message perform RPC remote procedure calls a kind of lightweight-agreement.
It is increasingly enhanced with the importance of data safety, the data of enterprises how to be protected not to be leaked, are gradually caused
The concern of each layer of society, many companies and tissue are proposed carries out upgrading to legacy network, prevents industry sensitive to reach
Information can carry out outgoing employee certain audit and warning by being sent out outside network.
For more than demand, system described in this patent can be realized and user's internet behavior is carried out in a manner of Transparent Proxy
Management and control, can reach, which had not only reduced user, perceives but also efficiently can prevent company sensitive information from leaking.
It is ZTE Co., Ltd " based on internet content modification protocol with the immediate technology of the present invention
Wap gateway development systems and method ", publication number:CN 101478575A, publication date:2009-07-08.
It discloses a kind of wap gateway development systems based on internet content modification protocol and method, method are as follows:
Wap gateways send http information to internet content modification protocol module;Internet content modification protocol module is by http information
After encapsulation process, it is sent in internet content modification protocol service module;Internet content modification protocol service module is according to mutually
After content modification protocol Service Source network to the matching modification of internet content modification protocol module modification information, it is sent in interconnection
Net content modification protocol module.The system and method for the present invention, method use internet content modification protocol module by http
Information is packaged processing, concurrently matches and changes in internet content modification protocol service module, forms internet content modification
Protocol service module return information concurrently in the mode of internet content modification protocol module, expands wap gateways opening business
Range improves the exploitation flexibility of wap gateways.
Above-mentioned technology, which has the drawback that, to be needed to change network structure, and change is larger, and cost is higher, inconvenient for use.
Invention content
In order to solve the above technical problems, the present invention provides a kind of data leakage prevention method based on ICAP agreements, it is special
Sign is that this method includes the following steps:
1) HTTP request of client is forwarded to http proxy server;
2) HTTP request is encapsulated as ICAP requests by http proxy server, and is sent to ICAP servers;
3) ICAP parses the HTTP request content in ICAP requests, and will determine that result is back to http proxy server;
4) http proxy server according to ICAP servers return as a result, deciding whether subsequent HTTP request directly
It is sent to HTTP server;
5) after http proxy server receives the response of ICAP servers return, the HTPP for allowing outgoing is asked,
HTTP request after ICAP server process is sent to HTTP server.
According to an embodiment of the invention, it is preferred that before the step 1), the gateway address of client is configured to HTTP
Proxy server;
The proxy server can directly handle the HTTP request of 80 ports or the HTTPS request of 443 ports, and have encapsulation
And send the ability of ICAP requests.
According to an embodiment of the invention, it is preferred that in the step 3), after ICAP servers receive ICAP requests, parsing
Its HTTP request encapsulated, the HTTP request method obtained according to parsing and Host addresses, decide whether the subsequent processing HTTP
Request, and ICAP responses are returned into http proxy server.
According to an embodiment of the invention, it is preferred that in the step 3), if http proxy server is according to return
ICAP responses continue to encapsulate HTTP request and are forwarded to ICAP servers, then ICAP servers continue to execute the following steps:
ICAP servers receive complete HTTP request, then analyze the message content in HTTP request, and will wherein use
The file or information of outdoor hair, which extract, carries out reduction parsing;
ICAP servers carry out intelligent clustering or by content point to the file after parsing or information by machine learning
Analysis, judges the file or the issuable risk of information outgoing, if it is determined that danger classes, then mark the ICAP to ask
And HTTP request content is changed, if safe class, then retain former HTTP request content;
Return to http proxy server ICAP responses.
According to an embodiment of the invention, it is preferred that for the HTTP request for being judged to stopping, ICAP servers can be to outgoing
User generates a warning information.
In order to solve the above technical problems, the present invention provides a kind of anti-data-leakage system based on ICAP agreements, it is special
Sign is that the system includes:Client, http proxy server, ICAP servers;
Client sends HTTP request to http proxy server;
HTTP request is encapsulated as ICAP requests by http proxy server, and is sent to ICAP servers;
HTTP request content in the parsing ICAP requests of ICAP servers, and will determine that result is back to HTTP Proxy service
Device;
Http proxy server according to ICAP servers return as a result, deciding whether directly to send out subsequent HTTP request
It send to HTTP server;
After http proxy server receives the response of ICAP servers return, the HTPP for allowing outgoing is asked, it will
HTTP request after ICAP server process is sent to HTTP server.
According to an embodiment of the invention, it is preferred that the gateway address of the client in system is configured to HTTP Proxy clothes
Business device;
The proxy server can directly handle the HTTP request of 80 ports or the HTTPS request of 443 ports, and have encapsulation
And send the ability of ICAP requests.
According to an embodiment of the invention, it is preferred that after ICAP servers receive ICAP requests, the HTTP for parsing its encapsulation please
It asks, according to the obtained HTTP request method of parsing and Host addresses, decides whether the subsequent processing HTTP request, and by ICAP
Response returns to http proxy server.
According to an embodiment of the invention, it is preferred that if http proxy server continues to seal according to the ICAP of return responses
Dress HTTP request is simultaneously forwarded to ICAP servers;
ICAP servers receive complete HTTP request, then analyze the message content in HTTP request, and will wherein use
The file or information of outdoor hair, which extract, carries out reduction parsing;
ICAP servers carry out intelligent clustering or by content point to the file after parsing or information by machine learning
Analysis, judges the file or the issuable risk of information outgoing, if it is determined that danger classes, then mark the ICAP to ask
And HTTP request content is changed, if safe class, then retain former HTTP request content;
ICAP servers return to http proxy server ICAP responses.
According to an embodiment of the invention, it is preferred that for the HTTP request for being judged to stopping, ICAP servers can be to outgoing
User generates a warning information.
In order to solve the above technical problems, the present invention provides a kind of http proxy server based on ICAP agreements, it is special
Sign is that the http proxy server includes computer readable storage medium, which is stored with computer program, passes through
The computer program is performed, realizes following steps:
Receive the HTTP request of client forwarding;
HTTP request is encapsulated as ICAP requests, and be sent to ICAP servers;
Receive the judging result that ICAP server process returns;
According to the return of ICAP servers as a result, deciding whether that subsequent HTTP request directly is sent to HTTP service
Device;
After the response for receiving the return of ICAP servers, the HTPP for allowing outgoing is asked, by ICAP server process
HTTP request afterwards is sent to HTTP server.
By technical scheme of the present invention, following technique effect is achieved:
On the basis of the gateway topological structure for retaining legacy network, the influence that user's legacy network is configured is reduced;
It is smaller to the change of original HTTP request responding process since ICAP agreements are the agreements of a type HTTP, in guarantee
The stability and reliability of net.
Description of the drawings
Fig. 1 is the method flow diagram of the prior art.
Fig. 2 is the system architecture diagram of the present invention.
Specific embodiment
The data leakage prevention method of the proxy gateway based on ICAP agreements proposed in present patent application can combine original
Network topology, crawl user surf the Internet outgoing document, and pass through during protocol analysis and file scan solve enterprise customer's online
The problems such as sending illegal contents, revealing sensitive information.
<Anti- leaking data method>
This method is handled from ICAP protocol encapsulations, protocol analysis and file analysis.
First, by the way that Transparent Proxy device is configured, client side HTTP request is forwarded to http proxy server;
Secondly, HTTP packet encapsulations are by http proxy server and the interaction of ICAP servers, http proxy server
ICAP data packets, and ICAP servers are sent to, after ICAP is unpacked, HTTP packet contents therein are parsed, and will determine that knot
Fruit is back to http proxy server.
Finally, http proxy server according to ICAP servers return as a result, deciding whether to be sent directly to
The HTTP server of Internet.
Such as Fig. 1, a kind of data leakage prevention method based on ICAP agreements is provided, this method includes the following steps:
1) HTTP request of client is forwarded to http proxy server;
2) HTTP request is encapsulated as ICAP requests by http proxy server, and is sent to ICAP servers;
3) ICAP parses the HTTP request content in ICAP requests, and will determine that result is back to http proxy server;
4) http proxy server according to ICAP servers return as a result, deciding whether subsequent HTTP request directly
It is sent to HTTP server;
5) after http proxy server receives the response of ICAP servers return, the HTPP for allowing outgoing is asked,
HTTP request after ICAP server process is sent to HTTP server.
Before the step 1), the gateway address of client is configured to http proxy server;
The proxy server can directly handle the HTTP request of 80 ports or the HTTPS request of 443 ports, and have encapsulation
And send the ability of ICAP requests.
In the step 3), after ICAP servers receive ICAP requests, the HTTP request of its encapsulation is parsed, according to parsing
The HTTP request method arrived and Host addresses decide whether the subsequent processing HTTP request, and ICAP responses are returned to HTTP
Proxy server.
In the step 3), if http proxy server continues to encapsulate HTTP request and turn according to the ICAP of return responses
ICAP servers are sent to, then ICAP servers continue to execute the following steps:
ICAP servers receive complete HTTP request, then analyze the message content in HTTP request, and will wherein use
The file or information of outdoor hair, which extract, carries out reduction parsing;
ICAP servers carry out intelligent clustering or by content point to the file after parsing or information by machine learning
Analysis, judges the file or the issuable risk of information outgoing, if it is determined that danger classes, then mark ICAP requests simultaneously
HTTP request content is changed, if safe class, then retains HTTP request content;
Return to http proxy server ICAP responses.
For the HTTP request for being judged to stopping, ICAP servers can one warning information of external hair family generation.
<Anti- leaking data system>
The present invention provides a kind of anti-data-leakage system based on ICAP agreements, which includes:Client, HTTP generations
Manage server, ICAP servers;
Client sends HTTP request to http proxy server;
HTTP request is encapsulated as ICAP requests by http proxy server, and is sent to ICAP servers;
HTTP request content in the parsing ICAP requests of ICAP servers, and will determine that result is back to HTTP Proxy service
Device;
Http proxy server according to ICAP servers return as a result, deciding whether directly to send out subsequent HTTP request
It send to HTTP server;
After http proxy server receives the response of ICAP servers return, the HTPP for allowing outgoing is asked, it will
HTTP request after ICAP server process is sent to HTTP server.
The gateway address of client in system is configured to http proxy server;
The proxy server can directly handle the HTTP request of 80 ports or the HTTPS request of 443 ports, and have encapsulation
And send the ability of ICAP requests.
After ICAP servers receive ICAP requests, the HTTP request of its encapsulation, the HTTP request obtained according to parsing are parsed
Method and Host addresses decide whether the subsequent processing HTTP request, and ICAP responses are returned to http proxy server.
If http proxy server continues to encapsulate HTTP request and be forwarded to ICAP to service according to the ICAP of return responses
Device;
ICAP servers receive complete HTTP request, then analyze the message content in HTTP request, and will wherein use
The file or information of outdoor hair, which extract, carries out reduction parsing;
ICAP servers carry out intelligent clustering or by content point to the file after parsing or information by machine learning
Analysis, judges the file or the issuable risk of information outgoing, if it is determined that danger classes, then mark ICAP requests simultaneously
HTTP request content is changed, if safe class, then retains HTTP request content;
ICAP servers return to http proxy server ICAP responses.
For the HTTP request for being judged to stopping, ICAP servers can one warning information of external hair family generation.
The invention discloses a kind of http proxy server based on ICAP agreements, which includes calculating
Machine readable storage medium storing program for executing, the storage medium are stored with computer program, by performing the computer program, realize following steps:
Receive the HTTP request of client forwarding;
HTTP request is encapsulated as ICAP requests, and be sent to ICAP servers;
Receive the judging result that ICAP server process returns;
According to the return of ICAP servers as a result, deciding whether that subsequent HTTP request directly is sent to HTTP service
Device;
After the response for receiving the return of ICAP servers, the HTPP for allowing outgoing is asked, by ICAP server process
HTTP request afterwards is sent to HTTP server.
With reference to Fig. 2, the function of description system various pieces realization.
(1) user's access terminals gateway address is configured to http proxy server, which can directly handle 80
The HTTP request of port or the HTTPS request of 443 ports, and have encapsulation and send the ability of ICAP requests;
(2) subscription client transmit a request to http proxy server;
(3) http proxy server packed part HTTP request is asked for ICAP, and ICAP requests is forwarded to be serviced to ICAP
Device;
(4) ICAP servers receive ICAP requests, parse the HTTP request of its encapsulation, pass through the HTTP request side after parsing
Method and Host addresses decide whether the subsequent processing HTTP request, and return to http proxy server ICAP responses;
(5) the ICAP response messages that http proxy server is returned according to ICAP servers, selection continues encapsulation HTTP please
It asks and is sent to ICAP servers and be still sent directly to HTTP server;
(6) if http proxy server continues to encapsulate HTTP request and is forwarded to ICAP servers, step occurs;
(7) ICAP servers receive follow-up HTTP request until complete, and http proxy server is by the HTTP request at this time
Retain until ICAP servers return to handling result;
(8) after ICAP servers receive complete HTTP request, HTTP request message content is analyzed, and will be wherein with open air
The file or information of hair extract and carry out reduction parsing to file;
(9) ICAP servers pass through machine learning progress etc cluster or analysis outgoing document to the file after parsing
DNA, the methods of MD5, the issuable risk of its outgoing is analyzed, if it is determined that danger classes, then mark ICAP requests simultaneously
Change HTTP contents;If safe class, then retain former HTTP request information, either way return to http proxy server
Response IC AP is responded;
(10) for the HTTP request for being judged to stopping, ICAP servers can one warning information of external hair family generation,
And response responsible person can be reminded;
(11) after http proxy server receives the instruction of ICAP returns, by ICAP, treated that HTTP request is sent to
HTTP server;
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the scope of the present invention.It is all
Within the spirit and principles in the present invention, any modification, equivalent replacement and improvement for being made etc. should all protect the guarantor in the present invention
Within the scope of shield.
Claims (11)
1. a kind of data leakage prevention method based on ICAP agreements, which is characterized in that this method includes the following steps:
1) HTTP request of client is forwarded to http proxy server;
2) HTTP request is encapsulated as ICAP requests by http proxy server, and is sent to ICAP servers;
3) ICAP parses the HTTP request content in ICAP requests, and will determine that result is back to http proxy server;
4) http proxy server according to ICAP servers return as a result, deciding whether directly to send subsequent HTTP request
To HTTP server;
5) after http proxy server receives the response of ICAP servers return, the HTPP for allowing outgoing is asked, it will
HTTP request after ICAP server process is sent to HTTP server.
2. according to the method described in claim 1, before the step 1), the gateway address of client is configured to HTTP Proxy
Server;
The proxy server can directly handle the HTTP request of 80 ports and the HTTPS request of 443 ports, and it is concurrent to have encapsulation
The ability that ICAP is sent to ask.
3. according to the method described in claim 1, in the step 3), after ICAP servers receive ICAP requests, its envelope is parsed
The HTTP request of dress, the HTTP request method obtained according to parsing and Host addresses decide whether that the subsequent processing HTTP please
It asks, and ICAP responses is returned into http proxy server.
4. according to the method described in claim 3, in the step 3), if http proxy server is rung according to the ICAP of return
It should continue to encapsulate HTTP request and be forwarded to ICAP servers, then ICAP servers continue to execute the following steps:
ICAP servers receive complete HTTP request, then analyze the message content in HTTP request, and will be wherein with open air
The file or information of hair, which extract, carries out reduction parsing;
ICAP servers carry out intelligent clustering or by content analysis to the file after parsing or information by machine learning, sentence
Break the file or the issuable risk of information outgoing, if it is determined that danger classes, then mark the ICAP to ask and repair
Change HTTP request content, if safe class, then retain former HTTP request content;
Return to http proxy server ICAP responses.
5. according to the method described in claim 3, for the HTTP request for being judged to stopping, ICAP servers can external hair family
Generate a warning information.
6. a kind of anti-data-leakage system based on ICAP agreements, which is characterized in that the system includes:Client, HTTP Proxy
Server, ICAP servers;
Client sends HTTP request to http proxy server;
HTTP request is encapsulated as ICAP requests by http proxy server, and is sent to ICAP servers;
HTTP request content in the parsing ICAP requests of ICAP servers, and will determine that result is back to http proxy server;
Http proxy server according to ICAP servers return as a result, deciding whether directly to be sent to subsequent HTTP request
HTTP server;
After http proxy server receives the response of ICAP servers return, the HTPP for allowing outgoing is asked, by ICAP
HTTP request after server process is sent to HTTP server.
7. the gateway address of the client in system is configured to http proxy server by system according to claim 6;
The proxy server can directly handle the HTTP request of 80 ports or the HTTPS request of 443 ports, and have encapsulation and send
The ability of ICAP requests.
8. system according to claim 6 after ICAP servers receive ICAP requests, parses the HTTP request of its encapsulation,
The HTTP request method obtained according to parsing and Host addresses, decide whether the subsequent processing HTTP request, and ICAP is responded
Return to http proxy server.
9. system according to claim 8, if http proxy server continues to encapsulate according to the ICAP of return responses
HTTP request is simultaneously forwarded to ICAP servers;
ICAP servers receive complete HTTP request, then analyze the message content in HTTP request, and will be wherein with open air
The file or information of hair, which extract, carries out reduction parsing;
ICAP servers carry out intelligent clustering or by content analysis to the file after parsing or information by machine learning, sentence
Break the file or the issuable risk of information outgoing, if it is determined that danger classes, then mark the ICAP to ask and repair
Change HTTP request content, if safe class, then retain former HTTP request content;
ICAP servers return to http proxy server ICAP responses.
10. system according to claim 8, for the HTTP request for being judged to stopping, ICAP servers can external hair
Family generates a warning information.
11. a kind of http proxy server based on ICAP agreements, which is characterized in that the http proxy server includes computer
Readable storage medium storing program for executing, the storage medium are stored with computer program, by performing the computer program, realize following steps:
Receive the HTTP request of client forwarding;
HTTP request is encapsulated as ICAP requests, and be sent to ICAP servers;
Receive the judging result that ICAP server process returns;
According to the return of ICAP servers as a result, deciding whether that subsequent HTTP request directly is sent to HTTP server;
After the response for receiving the return of ICAP servers, the HTPP for allowing outgoing is asked, after ICAP server process
HTTP request is sent to HTTP server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711279452.8A CN108183885A (en) | 2017-12-06 | 2017-12-06 | A kind of data leakage prevention method and system based on ICAP agreements |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711279452.8A CN108183885A (en) | 2017-12-06 | 2017-12-06 | A kind of data leakage prevention method and system based on ICAP agreements |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108183885A true CN108183885A (en) | 2018-06-19 |
Family
ID=62545788
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711279452.8A Pending CN108183885A (en) | 2017-12-06 | 2017-12-06 | A kind of data leakage prevention method and system based on ICAP agreements |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108183885A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109508437A (en) * | 2018-11-21 | 2019-03-22 | 深信服科技股份有限公司 | A kind of search website auditing method, system and gateway and storage medium |
| CN112565423A (en) * | 2020-12-04 | 2021-03-26 | 华南师范大学 | ICAP-based data-driven resource accurate pushing and fine management method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101478575A (en) * | 2009-01-22 | 2009-07-08 | 中兴通讯股份有限公司 | Wap gateway development system and method based on internet content modification protocol |
| CN102546737A (en) * | 2010-12-07 | 2012-07-04 | 中国电信股份有限公司 | Wireless Internet gateway access system and method |
| CN202931378U (en) * | 2012-08-06 | 2013-05-08 | 无锡稳捷网络技术有限公司 | HTTP access control system based on ICAP (internet content adaptation protocol) |
| CN103581144A (en) * | 2012-08-06 | 2014-02-12 | 无锡稳捷网络技术有限公司 | Network safety access control method based on ICAP |
| US9166938B2 (en) * | 2009-06-19 | 2015-10-20 | Comcast Cable Communications, Llc | System and method for improved notifications |
-
2017
- 2017-12-06 CN CN201711279452.8A patent/CN108183885A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101478575A (en) * | 2009-01-22 | 2009-07-08 | 中兴通讯股份有限公司 | Wap gateway development system and method based on internet content modification protocol |
| US9166938B2 (en) * | 2009-06-19 | 2015-10-20 | Comcast Cable Communications, Llc | System and method for improved notifications |
| CN102546737A (en) * | 2010-12-07 | 2012-07-04 | 中国电信股份有限公司 | Wireless Internet gateway access system and method |
| CN202931378U (en) * | 2012-08-06 | 2013-05-08 | 无锡稳捷网络技术有限公司 | HTTP access control system based on ICAP (internet content adaptation protocol) |
| CN103581144A (en) * | 2012-08-06 | 2014-02-12 | 无锡稳捷网络技术有限公司 | Network safety access control method based on ICAP |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109508437A (en) * | 2018-11-21 | 2019-03-22 | 深信服科技股份有限公司 | A kind of search website auditing method, system and gateway and storage medium |
| CN109508437B (en) * | 2018-11-21 | 2021-05-04 | 深信服科技股份有限公司 | Search website auditing method, system, gateway equipment and storage medium |
| CN112565423A (en) * | 2020-12-04 | 2021-03-26 | 华南师范大学 | ICAP-based data-driven resource accurate pushing and fine management method |
| CN112565423B (en) * | 2020-12-04 | 2023-04-18 | 华南师范大学 | ICAP-based data-driven resource accurate pushing and fine management method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10795992B2 (en) | Self-adaptive application programming interface level security monitoring | |
| US7345585B2 (en) | Network based device for providing RFID middleware functionality | |
| US9954873B2 (en) | Mobile device-based intrusion prevention system | |
| CN101438255B (en) | Network and application attack protection based on application layer message inspection | |
| CN110535831A (en) | Cluster safety management method, device and storage medium based on Kubernetes and network domains | |
| US8015250B2 (en) | Method and system for filtering electronic messages | |
| US20150156183A1 (en) | System and method for filtering network communications | |
| US20090055930A1 (en) | Content Security by Network Switch | |
| WO2018192007A1 (en) | Data packet transmission method and system | |
| CN111030963B (en) | Document tracking method, gateway equipment and server | |
| CN110362992A (en) | Based on the method and apparatus for stopping in the environment of cloud or detecting computer attack | |
| CN107992771A (en) | A kind of data desensitization method and device | |
| CN107104929A (en) | The methods, devices and systems of defending against network attacks | |
| US8789177B1 (en) | Method and system for automatically obtaining web page content in the presence of redirects | |
| CN107656742A (en) | A kind of software product dissemination method and device | |
| CN108429739A (en) | A kind of method, system and the terminal device of identification honey jar | |
| CN112688932A (en) | Honeypot generation method, honeypot generation device, honeypot generation equipment and computer readable storage medium | |
| CN108183885A (en) | A kind of data leakage prevention method and system based on ICAP agreements | |
| CN114978637A (en) | Message processing method and device | |
| CN113220481A (en) | Request processing and feedback method and device, computer equipment and readable storage medium | |
| JP2017091478A (en) | Cyber attack mail handling training system | |
| US10673893B2 (en) | Isolating a source of an attack that originates from a shared computing environment | |
| CN115174474B (en) | SRv 6-based SFC implementation method and device in private cloud | |
| CN109327864A (en) | Flow processing method, device, equipment and storage medium | |
| CN115913824B (en) | Virtual server communication method and system crossing VPC |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180619 |
|
| RJ01 | Rejection of invention patent application after publication |