CN109040031B - Method for processing data message based on same local area network - Google Patents


Info

Publication number: CN109040031B
Authority: CN (China)
Prior art keywords: node, network server, sending, message, receiving node
Legal status: Active
Application number: CN201810789788.7A
Other languages: Chinese (zh)
Other versions: CN109040031A (en)
Inventor: 倪飞舟
Current Assignee: Anhui Medical University
Original Assignee: Anhui Medical University

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227: Filtering policies
    • H04L63/0236: Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/12: Applying verification of the received information

Abstract

The invention discloses a method for processing data messages based on the same local area network, and relates to the technical field of methods for processing data messages in local area networks. The method comprises the following steps: the sending node acquires the IP address of the receiving node from the node list; the network server transmits the current time of the system to the sending node; the network server transmits the second ciphertext to the receiving node; the receiving node compares whether the first ciphertext and the second ciphertext are correct or not; if yes, acquiring message content; if not, executing the step seven; the receiving node transmits a message receiving failure signal to the network server; the network server transmits a receiving failure signal to the sending node and executes the step one. The invention realizes the safe encryption of the data message in the same local area network by jointly verifying the message header through the first encryption algorithm and the second encryption algorithm among the network server, the sending node and the receiving node, avoids information leakage caused by a network hacker intercepting the message from the sending node to the receiving node, and improves the safety of information communication in the local area network.

Description

Method for processing data message based on same local area network
Technical Field
The invention belongs to the technical field of data message processing methods in local area networks, and particularly relates to a data message processing method based on the same local area network.
Background
With the rapid development of the internet and big data, and with the widespread use of computers and the internet, data-leak incidents occur frequently, and secure access to electronic files receives more and more attention. According to recorded data, most sensitive data, more than 70%, is leaked by internal staff from desktop terminal computers of an internal network system through transmission, copying and other means. Therefore, preventing security risks in LANs, especially illegal access to and leakage of confidential electronic files inside LANs, has become an important aspect of the current network security field.
The invention is directed to a data message processing method based on the same local area network, which is used for solving the problems of information leakage and poor message safety in the existing local area network.
Disclosure of Invention
The invention aims to provide a method for processing data messages in the same local area network, which realizes the safe encryption of the data messages in the same local area network and solves the problems of information leakage and poor message safety in the existing local area network by jointly verifying message headers through a first encryption algorithm and a second encryption algorithm among a network server, a sending node and a receiving node.
In order to solve the technical problems, the invention is realized by the following technical scheme:
the invention relates to a data message processing method based on the same local area network, which comprises the following steps:
step one, a sending node acquires an IP address of a receiving node from a node list;
step two, the sending node transmits a sending signal to a network server; the network server transmits the current time of the system to the sending node; the network server generates a verification serial number;
step three, the sending node sends a message to the receiving node;
step four, the receiving node sends an acquisition signal to a network server;
step five, the network server transmits the second ciphertext to the receiving node;
step six, the receiving node compares whether the first ciphertext and the second ciphertext are correct or not; if yes, acquiring message content; if not, executing the step seven;
step seven: the receiving node transmits a message receiving failure signal to the network server;
step eight: and the network server transmits the receiving failure signal to the sending node and executes the step one.
Preferably, the transmission signal includes a transmitting node IP address and a receiving node IP address.
Preferably, the system current time is the system time when the network server receives the transmission signal.
Preferably, the message comprises a message header and a message body; the process of sending the message to the receiving node by the sending node comprises the following steps: the sending node generates a first ciphertext by using a first encryption algorithm; the first encryption algorithm encrypts the current system time, the IP of the sending node and the IP of the receiving node transmitted by the network server; and the first ciphertext is encapsulated in a message header.
Preferably, the acquisition signal includes a sending node IP and a receiving node IP.
Preferably, the verification sequence number corresponds to the sending node IP and the receiving node IP one by one; the process of the network server transmitting the second ciphertext to the receiving node is as follows: and the network server encrypts the verification serial number, the IP of the sending node and the IP of the receiving node by using a second encryption algorithm to generate a second ciphertext.
The invention has the following beneficial effects:
the invention realizes the safe encryption of the data message in the same local area network by jointly verifying the message header through the first encryption algorithm and the second encryption algorithm among the network server, the sending node and the receiving node, avoids information leakage caused by a network hacker intercepting the message from the sending node to the receiving node, and improves the safety of information communication in the local area network.
Of course, it is not necessary for any product in which the invention is practiced to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a data packet processing method based on the same local area network according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention is a method for processing data packets based on the same local area network, including the following steps:
step one, a sending node acquires an IP address of a receiving node from a node list;
step two, the sending node transmits a sending signal to a network server; the network server transmits the current time of the system to the sending node; the network server generates a verification serial number;
step three, the sending node sends a message to the receiving node;
step four, the receiving node sends an acquisition signal to a network server;
step five, the network server transmits the second ciphertext to the receiving node;
step six, the receiving node compares whether the first ciphertext and the second ciphertext are correct or not; if yes, acquiring message content; if not, executing the step seven;
step seven: the receiving node transmits a message receiving failure signal to the network server;
step eight: and the network server transmits the receiving failure signal to the sending node and executes the step one.
Wherein the sending signal comprises a sending node IP address and a receiving node IP address.
The current system time is the system time when the network server receives the sending signal.
Wherein, the message comprises a message header and a message body; the process of sending the message to the receiving node by the sending node comprises the following steps: the sending node generates a first ciphertext by using a first encryption algorithm; the first encryption algorithm encrypts the current system time, the IP of the sending node and the IP of the receiving node transmitted by the network server; the first ciphertext is encapsulated within the header.
The acquisition signal comprises a sending node IP and a receiving node IP.
The verification serial number corresponds to the IP of the sending node and the IP of the receiving node one by one; the process of the network server transmitting the second ciphertext to the receiving node is as follows: and the network server encrypts the verification serial number, the IP of the sending node and the IP of the receiving node by using a second encryption algorithm to generate a second ciphertext.
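The exchange in steps one to eight, simulated in Python as an added example (not code from the patent). The page names no algorithms or keys and does not say how the receiving node judges the two ciphertexts "correct", so this sketch assumes each ciphertext is an HMAC-SHA256-tagged token under constructed keys `K1`/`K2`, and that the check passes only when both tokens verify, both name the same sender/receiver IP pair, and the server-issued time is within an assumed `MAX_AGE`. All class, function and parameter names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed keys; the page names neither the algorithms nor any keys.
K1 = b"constructed-key-first-algorithm"    # sender <-> receiver (assumed)
K2 = b"constructed-key-second-algorithm"   # server <-> receiver (assumed)
MAX_AGE = 30  # assumed freshness window for the server-issued time, seconds

def seal(key, first_field, src_ip, dst_ip):
    """Stand-in for a 'ciphertext': payload plus HMAC-SHA256 tag (assumption)."""
    payload = f"{first_field}|{src_ip}|{dst_ip}".encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest().encode()
    return payload + b"#" + tag

def unseal(key, token):
    """Return (first_field, src_ip, dst_ip), or None if the tag does not verify."""
    payload, _, tag = token.rpartition(b"#")
    good = hmac.new(key, payload, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, good):
        return None
    return tuple(payload.decode().split("|"))

class NetworkServer:
    def __init__(self):
        self.serials = {}    # (src_ip, dst_ip) -> verification serial number
        self.failures = []   # pairs to be told "receiving failed" (step eight)

    def sending_signal(self, src_ip, dst_ip, now):
        # Step two: record a serial for the pair, hand back the system time.
        self.serials[(src_ip, dst_ip)] = secrets.token_hex(8)
        return now

    def acquisition_signal(self, src_ip, dst_ip):
        # Steps four and five: second ciphertext, for a known pair only.
        serial = self.serials.get((src_ip, dst_ip))
        return seal(K2, serial, src_ip, dst_ip) if serial else None

    def receive_failed(self, src_ip, dst_ip):
        # Steps seven and eight: retire the serial, record the failure notice.
        self.serials.pop((src_ip, dst_ip), None)
        self.failures.append((src_ip, dst_ip))

def send(server, src_ip, dst_ip, body, now):
    # Step three: first ciphertext over (time, src, dst) goes in the header.
    issued = server.sending_signal(src_ip, dst_ip, now)
    return {"src": src_ip, "header": seal(K1, issued, src_ip, dst_ip), "body": body}

def receive(server, msg, my_ip, now):
    # Step six under the assumed rule: both tokens verify, both name this
    # exact (sender, receiver) pair, and the server time is still fresh.
    pair = (msg["src"], my_ip)
    raw2 = server.acquisition_signal(*pair)
    first = unseal(K1, msg["header"])
    second = unseal(K2, raw2) if raw2 else None
    if (first and second and first[1:] == second[1:] == pair
            and 0 <= now - int(first[0]) <= MAX_AGE):
        return msg["body"]
    server.receive_failed(*pair)
    return None
```

The page does not say whether a verification serial number is retired after a successful check; this sketch retires it only on failure, so an implementation that needs single-use messages would also retire it on success.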
It should be noted that, in the above system embodiment, each included unit is only divided according to functional logic, but is not limited to the above division as long as the corresponding function can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
In addition, those skilled in the art can understand that all or part of the steps in the method for implementing the embodiments described above can be implemented by a program to instruct the relevant hardware.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise embodiments disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention. The invention is limited only by the claims and their full scope and equivalents.

Claims (2)

1. The method for processing the data message based on the same local area network is characterized by comprising the following steps:
step one, a sending node acquires an IP address of a receiving node from a node list;
step two, the sending node transmits a sending signal to a network server; the network server transmits the current time of the system to the sending node; the network server generates a verification serial number;
step three, the sending node sends a message to the receiving node;
step four, the receiving node sends an acquisition signal to a network server;
step five, the network server transmits the second ciphertext to the receiving node;
step six, the receiving node compares whether the first ciphertext and the second ciphertext are correct or not; if yes, acquiring message content; if not, executing the step seven;
step seven: the receiving node transmits a message receiving failure signal to the network server;
step eight: the network server transmits a receiving failure signal to the sending node and executes the first step;
the sending signal comprises a sending node IP address and a receiving node IP address;
the acquisition signal comprises a sending node IP and a receiving node IP;
the verification serial numbers correspond to the sending node IP and the receiving node IP one by one; the process of the network server transmitting the second ciphertext to the receiving node is as follows: the network server encrypts the verification serial number, the IP of the sending node and the IP of the receiving node by using a second encryption algorithm to generate a second ciphertext;
the message comprises a message header and a message body; the process of sending the message to the receiving node by the sending node comprises the following steps: the sending node generates a first ciphertext by using a first encryption algorithm; the first encryption algorithm encrypts the current system time, the IP of the sending node and the IP of the receiving node transmitted by the network server; and the first ciphertext is encapsulated in a message header.
2. The method according to claim 1, wherein the system current time is a system time when the network server receives the transmission signal.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810789788.7A CN109040031B (en) 2018-07-18 2018-07-18 Method for processing data message based on same local area network

Publications (2)

Publication Number Publication Date
CN109040031A (en) 2018-12-18
CN109040031B (en) 2021-02-09

Family

ID=64643276

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant