CN109040031B - Method for processing data message based on same local area network - Google Patents
- Publication number: CN109040031B
- Application number: CN201810789788.7A
- Authority: CN (China)
- Prior art keywords: node, network server, sending, message, receiving node
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/12—Applying verification of the received information
Abstract
The invention discloses a method for processing data messages based on the same local area network, and relates to the technical field of methods for processing data messages in local area networks. The method comprises the following steps: the sending node acquires the IP address of the receiving node from the node list; the network server transmits the current time of the system to the sending node; the network server transmits the second ciphertext to the receiving node; the receiving node compares whether the first ciphertext and the second ciphertext are correct or not; if yes, acquiring message content; if not, executing the step seven; the receiving node transmits a message receiving failure signal to the network server; the network server transmits a receiving failure signal to the sending node and executes the step one. The invention realizes the safe encryption of the data message in the same local area network by jointly verifying the message header through the first encryption algorithm and the second encryption algorithm among the network server, the sending node and the receiving node, avoids information leakage caused by a network hacker intercepting the message from the sending node to the receiving node, and improves the safety of information communication in the local area network.
Description
Technical Field
The invention belongs to the technical field of data message processing methods in local area networks, and particularly relates to a data message processing method based on the same local area network.
Background
With the rapid development of the internet and big data and the widespread use of computers and the internet, data-leak incidents occur frequently, and secure access to electronic files is receiving more and more attention. According to recorded data, most sensitive data, more than 70%, is leaked by internal staff from desktop terminal computers of an internal network system through transmission, copying and other means. Therefore, preventing security risks in LANs, especially illegal access to and leakage of confidential electronic files inside LANs, has become an important aspect of the current network security field.
The invention is directed to a data message processing method based on the same local area network, which is used for solving the problems of information leakage and poor message safety in the existing local area network.
Disclosure of Invention
The invention aims to provide a method for processing data messages in the same local area network, which realizes the safe encryption of the data messages in the same local area network and solves the problems of information leakage and poor message safety in the existing local area network by jointly verifying message headers through a first encryption algorithm and a second encryption algorithm among a network server, a sending node and a receiving node.
In order to solve the technical problems, the invention is realized by the following technical scheme:
the invention relates to a data message processing method based on the same local area network, which comprises the following steps:
step one, a sending node acquires an IP address of a receiving node from a node list;
step two, the sending node transmits a sending signal to a network server; the network server transmits the current time of the system to the sending node; the network server generates a verification serial number;
step three, the sending node sends a message to the receiving node;
step four, the receiving node sends an acquisition signal to a network server;
step five, the network server transmits the second ciphertext to the receiving node;
step six, the receiving node checks whether the first ciphertext and the second ciphertext are correct; if so, it obtains the message content; if not, step seven is executed;
step seven, the receiving node transmits a message receiving failure signal to the network server;
step eight, the network server transmits the receiving failure signal to the sending node, and step one is executed again.
Preferably, the transmission signal includes a transmitting node IP address and a receiving node IP address.
Preferably, the system current time is the system time when the network server receives the transmission signal.
Preferably, the message comprises a message header and a message body; the process of sending the message to the receiving node by the sending node comprises the following steps: the sending node generates a first ciphertext by using a first encryption algorithm; the first encryption algorithm encrypts the current system time, the IP of the sending node and the IP of the receiving node transmitted by the network server; and the first ciphertext is encapsulated in a message header.
Preferably, the acquisition signal includes a sending node IP and a receiving node IP.
Preferably, the verification serial number corresponds one-to-one to the sending node IP and the receiving node IP; the process of the network server transmitting the second ciphertext to the receiving node is as follows: the network server encrypts the verification serial number, the IP of the sending node and the IP of the receiving node by using a second encryption algorithm to generate a second ciphertext.
The invention has the following beneficial effects:
the invention realizes the safe encryption of the data message in the same local area network by jointly verifying the message header through the first encryption algorithm and the second encryption algorithm among the network server, the sending node and the receiving node, avoids information leakage caused by a network hacker intercepting the message from the sending node to the receiving node, and improves the safety of information communication in the local area network.
Of course, it is not necessary for any product in which the invention is practiced to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a data packet processing method based on the same local area network according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention is a method for processing data packets based on the same local area network, including the following steps:
step one, a sending node acquires an IP address of a receiving node from a node list;
step two, the sending node transmits a sending signal to a network server; the network server transmits the current time of the system to the sending node; the network server generates a verification serial number;
step three, the sending node sends a message to the receiving node;
step four, the receiving node sends an acquisition signal to a network server;
step five, the network server transmits the second ciphertext to the receiving node;
step six, the receiving node checks whether the first ciphertext and the second ciphertext are correct; if so, it obtains the message content; if not, step seven is executed;
step seven, the receiving node transmits a message receiving failure signal to the network server;
step eight, the network server transmits the receiving failure signal to the sending node, and step one is executed again.
Wherein the sending signal comprises a sending node IP address and a receiving node IP address.
The current system time is the system time when the network server receives the sending signal.
Wherein, the message comprises a message header and a message body; the process of sending the message to the receiving node by the sending node comprises the following steps: the sending node generates a first ciphertext by using a first encryption algorithm; the first encryption algorithm encrypts the current system time, the IP of the sending node and the IP of the receiving node transmitted by the network server; the first ciphertext is encapsulated within the header.
The acquisition signal comprises a sending node IP and a receiving node IP.
The verification serial number corresponds one-to-one to the IP of the sending node and the IP of the receiving node; the process of the network server transmitting the second ciphertext to the receiving node is as follows: the network server encrypts the verification serial number, the IP of the sending node and the IP of the receiving node by using a second encryption algorithm to generate a second ciphertext.
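The eight-step exchange above, sketched as an added example (not code from the patent). The page does not name the two encryption algorithms, say how keys are distributed, or define "correct" in step six, so the following are assumptions: an HMAC-SHA256-tagged token stands in for both algorithms (it authenticates the fields but does not hide them), `K1`/`K2` are constructed keys, step six is read as "both tokens verify and name the same sender/receiver pair", and the freshness window and single-use serial numbers are added.

```python
import hashlib, hmac, json, secrets
# Assumptions (not from the page): constructed keys, HMAC tokens in place of the
# unnamed "first/second encryption algorithm", a freshness window, single-use serials.
K1, K2 = b"constructed-key-1", b"constructed-key-2"
MAX_AGE = 5  # seconds

def seal(key, fields):
    """Stand-in 'ciphertext': canonical JSON of the fields plus an HMAC-SHA256 tag."""
    body = json.dumps(fields, sort_keys=True).encode()
    return body + b"." + hmac.new(key, body, hashlib.sha256).hexdigest().encode()

def unseal(key, token):
    """Return the fields if the tag verifies, otherwise None."""
    body, _, tag = token.rpartition(b".")
    good = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return json.loads(body) if hmac.compare_digest(tag, good) else None

class NetworkServer:
    def __init__(self):
        self.serials = {}  # (sender IP, receiver IP) -> verification serial number
    def on_sending_signal(self, src, dst, now):
        # Step two: generate the serial for this pair, return the system time.
        self.serials[(src, dst)] = secrets.token_hex(8)
        return now

    def on_acquisition_signal(self, src, dst):
        # Steps four and five: second ciphertext over serial + both IPs.
        serial = self.serials.pop((src, dst), None)
        return seal(K2, {"serial": serial, "src": src, "dst": dst}) if serial else None

def build_message(src, dst, server_time, body):
    # Step three: the first ciphertext is carried in the message header.
    return {"header": seal(K1, {"time": server_time, "src": src, "dst": dst}), "body": body}

def receive(server, msg, observed_src, my_ip, now):
    """Steps four to seven: return the body, or None (the 'receive failure' case)."""
    token = server.on_acquisition_signal(observed_src, my_ip)
    first = unseal(K1, msg["header"])
    second = unseal(K2, token) if token else None
    if not first or not second:
        return None
    pair = (observed_src, my_ip)
    same_pair = (first["src"], first["dst"]) == pair == (second["src"], second["dst"])
    fresh = 0 <= now - first["time"] <= MAX_AGE
    return msg["body"] if same_pair and fresh else None

def run_demo():
    """Constructed addresses and times; returns the outcome of four deliveries."""
    a, b, srv = "192.0.2.5", "192.0.2.9", NetworkServer()
    msg = build_message(a, b, srv.on_sending_signal(a, b, now=1000), "hello")
    ok = receive(srv, msg, a, b, now=1001)
    replay = receive(srv, msg, a, b, now=1002)            # serial already used
    srv.on_sending_signal(a, b, now=1003)
    bad = dict(msg, header=msg["header"].replace(b"192.0.2.5", b"192.0.2.6"))
    tampered = receive(srv, bad, a, b, now=1003)          # header tag no longer verifies
    srv.on_sending_signal(a, b, now=1000)
    stale = receive(srv, msg, a, b, now=1060)             # outside freshness window
    return ok, replay, tampered, stale
```

A `None` from `receive` corresponds to steps seven and eight: the receiver reports failure and the sender starts again from step one.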
It should be noted that, in the above system embodiment, each included unit is only divided according to functional logic, but is not limited to the above division as long as the corresponding function can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
In addition, those skilled in the art can understand that all or part of the steps in the method for implementing the embodiments described above can be implemented by a program to instruct the relevant hardware.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise embodiments disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention. The invention is limited only by the claims and their full scope and equivalents.
Claims (2)
1. The method for processing the data message based on the same local area network is characterized by comprising the following steps:
step one, a sending node acquires an IP address of a receiving node from a node list;
step two, the sending node transmits a sending signal to a network server; the network server transmits the current time of the system to the sending node; the network server generates a verification serial number;
step three, the sending node sends a message to the receiving node;
step four, the receiving node sends an acquisition signal to a network server;
step five, the network server transmits the second ciphertext to the receiving node;
step six, the receiving node compares whether the first ciphertext and the second ciphertext are correct or not; if yes, acquiring message content; if not, executing the step seven;
step seven: the receiving node transmits a message receiving failure signal to the network server;
step eight: the network server transmits a receiving failure signal to the sending node and executes the first step;
the sending signal comprises a sending node IP address and a receiving node IP address;
the acquisition signal comprises a sending node IP and a receiving node IP;
the verification serial numbers correspond to the sending node IP and the receiving node IP one by one; the process of the network server transmitting the second ciphertext to the receiving node is as follows: the network server encrypts the verification serial number, the IP of the sending node and the IP of the receiving node by using a second encryption algorithm to generate a second ciphertext;
the message comprises a message header and a message body; the process of sending the message to the receiving node by the sending node comprises the following steps: the sending node generates a first ciphertext by using a first encryption algorithm; the first encryption algorithm encrypts the current system time, the IP of the sending node and the IP of the receiving node transmitted by the network server; and the first ciphertext is encapsulated in a message header.
2. The method according to claim 1, wherein the system current time is a system time when the network server receives the transmission signal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810789788.7A | 2018-07-18 | 2018-07-18 | Method for processing data message based on same local area network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109040031A | 2018-12-18 |
CN109040031B | 2021-02-09 |
Family ID: 64643276
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||