CN109120619A - A kind of computer network communications system - Google Patents

A kind of computer network communications system Download PDF

Info

Publication number
CN109120619A
CN109120619A CN201810938692.2A CN201810938692A CN109120619A CN 109120619 A CN109120619 A CN 109120619A CN 201810938692 A CN201810938692 A CN 201810938692A CN 109120619 A CN109120619 A CN 109120619A
Authority
CN
China
Prior art keywords
module
communication
network
control module
interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810938692.2A
Other languages
Chinese (zh)
Inventor
武风波
杨思捷
武文宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian University of Science and Technology
Original Assignee
Xian University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian University of Science and Technology filed Critical Xian University of Science and Technology
Priority to CN201810938692.2A priority Critical patent/CN109120619A/en
Publication of CN109120619A publication Critical patent/CN109120619A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Abstract

It is disclosed by the invention to belong to network communication technology field, specially a kind of computer network communications system, including microprocessor, access control module, encrypting module, Local Control Module and communication module, the access control module, encrypting module, Local Control Module and communication module are connect with microprocessor, the access control module includes authentication module, authorization control module, access control module and authority management module, a kind of computer network communications system that the invention proposes, the access management of integrated Intrusion Detection based on host, network data encryption and local control, realize the comprehensive management and monitoring of computer network, prevent computer network by various network attacks to the greatest extent, guarantee the safe transmission of data, avoid network storm, improve the safety and reliability of network, the invention has power consumption The at low cost and good advantage of real-time.

Description

A kind of computer network communications system
Technical field
The present invention relates to network communication technology field, specially a kind of computer network communications system.
Background technique
Computer network communication technology is the product that the communication technology is combined with computer technology.Computer network be by According to network protocol, by computer set interconnected disperse on the earth, independent.Connection medium can be cable, multiple twin Line, optical fiber, microwave, carrier wave or telecommunication satellite.Computer network has the function of shared hardware, software and data resource, has The ability that sharing data resources are focused on and managed and maintained.With the rapid growth and network of information resources on network The increasingly expansion of application range, people on the living conditions with higher and higher to the degree of dependence of network in work, and network faces The problems such as security threat is more and more prominent, equipment fault, software defect, unauthorized access, computer virus, hacker attack layer Not poor out, network security has become a global and strategic problem.The net of existing computer network communications system Network safety is poor, and the means for solving safety issue are single, implement comparatively laborious, and existing computer network is logical Letter system can not be applied to the communication of field device and field instrument well, for this purpose, it is proposed that a kind of computer network Communication system.
Summary of the invention
The purpose of the present invention is to provide a kind of computer network communications systems, to solve to propose in above-mentioned background technique The problem of.
To achieve the above object, the invention provides the following technical scheme: a kind of computer network communications system, including it is micro- Processor, access control module, encrypting module, Local Control Module, communication module and communication transfer interface module, the micro process Device, access control module, encrypting module, Local Control Module, communication module and communication transfer interface module connect with microprocessor It connects, the communication transfer interface module is connected with computer;
The access control module is used for the access control to user, and the access control module includes authentication Module, authorization control module, access control module and authority management module, the authentication module are used for user's The confirmation of identity, the authorization control module is for authorizing different access authority, the access control mould to different identity Block prevents Internet resources and data resource to be illegally used, the rights management for the control to unauthorized users to access permission Module is for the management to permission;
The encrypting module includes data encryption module and network encryption module, and it is public that the data encryption module is based on RSA Secret key cipher system is opened, realizes the encryption to data, the network encryption module believes various original figures by Sealing mechanism Number according to Encryption Algorithm be transformed into entirely different digital information in plain text, improve the safety of network data transmission;
The Local Control Module includes firewall module, intrusion detection module and local health module, the firewall Module realizes the secure connection of internal network and external network, and the intrusion detection module is due to entering network intrusions and virus The detection invaded, the local monitor module realize the monitoring to local system, program and file;
The communication module packet serial communication modular, expansion bus module, debugging interface module and Ethernet control, institute State network communication of the communication module for main frame;
The communication transfer interface module realizes institute for connecting the computer and microprocessor, the communication transfer interface module Computer and CAN communication are stated, the communication transfer interface module includes communication interface, the two-way electric connection monolithic of communication interface Machine, the two-way electric connection CAN controller of single-chip microcontroller, the two-way electric connection photoelectric isolation module of CAN controller, institute State the two-way electric connection CAN driver of photoelectric isolation module, the two-way electric connection CAN bus of CAN driver;
The CAN controller realizes Local Area Network control, after the single-chip microcontroller correctly initializes it, passes through It accesses its internal register to realize to CAN operation, and completes all protocol functions of CAN physical layer and data link layer, it is described CAN controller and the photoelectric isolation module and CAN driver constitute the channel with the CAN bus.
Preferably, the authority management module includes that permission increases module, permission removing module and permission modified module.
Preferably, the network encryption module be link encryption module, the link encryption module include special circuit, Telephone wire, cable and optical cable.
Preferably, the firewall module realizes all distributed fire walls, intrusion detection strategy request using PBNS2 With policy distribution function.
Preferably, the microprocessor is using 32 ARM920T core for providing five-stage pipeline and Harvard structure S3C2410A processor.
Preferably, the communication interface includes RS232 interface and RS485 interface, and the single-chip microcontroller passes through the RS232 Interface and RS485 interface are connect with the computer, and carry out level conversion by MAX232 and MA485, realize that connection is different CAN network, carry out the MESSAGE EXCHANGE of CAN controller.
Compared with prior art, the beneficial effects of the present invention are: a kind of computer network communication system that the invention proposes System integrates access management, network data encryption and the local control of Intrusion Detection based on host, realizes the comprehensive pipe of computer network Reason and monitoring, prevent computer network by various network attacks to the greatest extent, guarantee the safe transmission of data, avoid Network storm, improves the safety and reliability of network, CAN bus based computer network communications system, connection side Just, easy to use, it is applied widely, there is reliability outstanding, real-time and flexibility, which has power consumption at low cost The good advantage with real-time.
Detailed description of the invention
Fig. 1 is invention's principle block diagram;
Fig. 2 is communication transfer interface module functional block diagram of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts it is all its His embodiment, shall fall within the protection scope of the present invention.
Referring to Fig. 1, the present invention provides a kind of technical solution: a kind of computer network communications system, including micro process Device, access control module, encrypting module, Local Control Module, communication module and communication transfer interface module, the microprocessor, visit Ask that control module, encrypting module, Local Control Module, communication module and communication transfer interface module are connect with microprocessor, it is described Communication transfer interface module is connected with computer;
The access control module is used for the access control to user, and the access control module includes authentication Module, authorization control module, access control module and authority management module, the authentication module are used for user's The confirmation of identity, the authorization control module is for authorizing different access authority, the access control mould to different identity Block prevents Internet resources and data resource to be illegally used, the rights management for the control to unauthorized users to access permission Module is for the management to permission;
The encrypting module includes data encryption module and network encryption module, and it is public that the data encryption module is based on RSA Secret key cipher system is opened, realizes the encryption to data, the network encryption module believes various original figures by Sealing mechanism Number according to Encryption Algorithm be transformed into entirely different digital information in plain text, improve the safety of network data transmission;
The Local Control Module includes firewall module, intrusion detection module and local health module, the firewall Module realizes the secure connection of internal network and external network, and the intrusion detection module is due to entering network intrusions and virus The detection invaded, the local monitor module realize the monitoring to local system, program and file;
The communication module packet serial communication modular, expansion bus module, debugging interface module and Ethernet control, institute State network communication of the communication module for main frame;
The communication transfer interface module realizes institute for connecting the computer and microprocessor, the communication transfer interface module Computer and CAN communication are stated, the communication transfer interface module includes communication interface, the two-way electric connection monolithic of communication interface Machine, the two-way electric connection CAN controller of single-chip microcontroller, the two-way electric connection photoelectric isolation module of CAN controller, institute State the two-way electric connection CAN driver of photoelectric isolation module, the two-way electric connection CAN bus of CAN driver;
The CAN controller realizes Local Area Network control, after the single-chip microcontroller correctly initializes it, passes through It accesses its internal register to realize to CAN operation, and completes all protocol functions of CAN physical layer and data link layer, it is described CAN controller and the photoelectric isolation module and CAN driver constitute the channel with the CAN bus.
Wherein, the authority management module includes that permission increases module, permission removing module and permission modified module, institute Stating network encryption module is link encryption module, and the link encryption module includes special circuit, telephone wire, cable and optical cable, The firewall module realizes all distributed fire walls, intrusion detection strategy request and policy distribution function using PBNS2, S3C2410A processor of the microprocessor using 32 ARM920T core for providing five-stage pipeline and Harvard structure, institute Stating communication interface includes RS232 interface and RS485 interface, the single-chip microcontroller by the RS232 interface and RS485 interface with The computer connection, and level conversion is carried out by MAX232 and MA485, it realizes and connects different CAN networks, carry out The MESSAGE EXCHANGE of CAN controller.
It although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with A variety of variations, modification, replacement can be carried out to these embodiments without departing from the principles and spirit of the present invention by understanding And modification, the scope of the present invention is defined by the appended.

Claims (6)

1. a kind of computer network communications system, it is characterised in that: including microprocessor, access control module, encrypting module, sheet Ground control module, communication module and communication transfer interface module, the microprocessor, access control module, encrypting module, local control Module, communication module and communication transfer interface module are connect with microprocessor, and the communication transfer interface module is connected with computer;
The access control module is used for the access control of user, the access control module include authentication module, Authorization control module, access control module and authority management module, the authentication module are used for the identity of user Confirmation, for authorizing different access authority to different identity, the access control module is used for the authorization control module Control to unauthorized users to access permission prevents Internet resources and data resource to be illegally used, and the authority management module is used In the management to permission;
The encrypting module includes data encryption module and network encryption module, and the data encryption module is disclosed close based on RSA Key cipher system, realizes the encryption to data, and the network encryption module presses various raw digital signals by Sealing mechanism It is transformed into the digital information entirely different with plaintext according to Encryption Algorithm, improves the safety of network data transmission;
The Local Control Module includes firewall module, intrusion detection module and local health module, the firewall module Realize the secure connection of internal network and external network, the intrusion detection module is due to the inspection to network intrusions and poisoning intrusion It surveys, the local monitor module realizes the monitoring to local system, program and file;
The communication module packet serial communication modular, expansion bus module, debugging interface module and Ethernet control, the communication Module is used for the network communication of main frame;
The communication transfer interface module realizes the calculating for connecting the computer and microprocessor, the communication transfer interface module Machine and CAN communication, the communication transfer interface module include communication interface, the two-way electric connection single-chip microcontroller of communication interface, described The two-way electric connection CAN controller of single-chip microcontroller, the two-way electric connection photoelectric isolation module of CAN controller, the photoelectricity every From the two-way electric connection CAN driver of module, the two-way electric connection CAN bus of CAN driver;
The CAN controller realizes Local Area Network control, after the single-chip microcontroller correctly initializes it, by accessing it Internal register, which is realized, operates CAN, and completes all protocol functions of CAN physical layer and data link layer, the CAN control Device and the photoelectric isolation module and CAN driver constitute the channel with the CAN bus.
2. a kind of computer network communications system according to claim 1, it is characterised in that: the authority management module packet It includes permission and increases module, permission removing module and permission modified module.
3. a kind of computer network communications system according to claim 1, it is characterised in that: the network encryption module is Link encryption module, the link encryption module include special circuit, telephone wire, cable and optical cable.
4. a kind of computer network communications system according to claim 1, it is characterised in that: the firewall module uses PBNS2 realizes all distributed fire walls, intrusion detection strategy request and policy distribution function.
5. a kind of computer network communications system according to claim 1, it is characterised in that: the microprocessor is used and mentioned For five-stage pipeline and the S3C2410A processor of 32 ARM920T core of Harvard structure.
6. a kind of computer network communications system according to claim 1, it is characterised in that: the communication interface includes RS232 interface and RS485 interface, the single-chip microcontroller are connect by the RS232 interface and RS485 interface with the computer, And level conversion is carried out by MAX232 and MA485, it realizes and connects different CAN networks, the message for carrying out CAN controller is handed over It changes.
CN201810938692.2A 2018-08-17 2018-08-17 A kind of computer network communications system Pending CN109120619A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810938692.2A CN109120619A (en) 2018-08-17 2018-08-17 A kind of computer network communications system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810938692.2A CN109120619A (en) 2018-08-17 2018-08-17 A kind of computer network communications system

Publications (1)

Publication Number Publication Date
CN109120619A true CN109120619A (en) 2019-01-01

Family

ID=64852794

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810938692.2A Pending CN109120619A (en) 2018-08-17 2018-08-17 A kind of computer network communications system

Country Status (1)

Country Link
CN (1) CN109120619A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110263517A (en) * 2019-05-27 2019-09-20 湖南高速铁路职业技术学院 The information safety system of enterprise intelligent equipment
CN114374532A (en) * 2021-12-06 2022-04-19 国网山东省电力公司聊城供电公司 Network security monitoring system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102957587A (en) * 2011-08-26 2013-03-06 半导体元件工业有限责任公司 System, method and equipment for providing network communication
US9043874B2 (en) * 2012-11-28 2015-05-26 Wal-Mart Stores, Inc. System and method for protecting data in an enterprise environment
CN106656960A (en) * 2016-09-28 2017-05-10 北京辰极国泰科技有限公司 Hilscher-based credible data acquisition system and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102957587A (en) * 2011-08-26 2013-03-06 半导体元件工业有限责任公司 System, method and equipment for providing network communication
US9043874B2 (en) * 2012-11-28 2015-05-26 Wal-Mart Stores, Inc. System and method for protecting data in an enterprise environment
CN106656960A (en) * 2016-09-28 2017-05-10 北京辰极国泰科技有限公司 Hilscher-based credible data acquisition system and method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
朱贞: "基于网络的嵌入式远程控制系统的研究和开发", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *
杨春杰: "基于CAN总线的一种计算机通信方式", 《兰州交通大学学报(自然科学版)》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110263517A (en) * 2019-05-27 2019-09-20 湖南高速铁路职业技术学院 The information safety system of enterprise intelligent equipment
CN114374532A (en) * 2021-12-06 2022-04-19 国网山东省电力公司聊城供电公司 Network security monitoring system

Similar Documents

Publication Publication Date Title
Gan et al. Internet of things security analysis
CN101662359B (en) Security protection method of communication data of special electricity public network
CN103491072B (en) A kind of border access control method based on double unidirection insulation network brakes
CN106789015B (en) Intelligent power distribution network communication safety system
CN106992984A (en) A kind of method of the mobile terminal safety access information Intranet based on electric power acquisition net
CN102111349A (en) Security certificate gateway
CN107295312A (en) A kind of wireless video safety access system based on SSL VPN
CN103441991A (en) Mobile terminal security access platform
CN115549932B (en) Security access system and access method for massive heterogeneous Internet of things terminals
CN111988328A (en) Safety guarantee method and system for acquiring terminal data of power generation unit of new energy plant station
CN107920089A (en) A kind of intelligent network lotus interactive terminal protecting information safety authentication encryption method
CN106506540A (en) A kind of intranet data transmission method of attack resistance and system
CN104219077A (en) Information management system for middle and small-sized enterprises
CN109617875A (en) A kind of the secure accessing platform and its implementation of terminal communication network
CN110855707A (en) Internet of things communication pipeline safety control system and method
CN202652534U (en) Mobile terminal safety access platform
CN109120619A (en) A kind of computer network communications system
CN201878191U (en) Security access device for video
Ati et al. Framework for managing smart cities security and privacy applications
CN201571068U (en) Network system and protection management device
Li et al. Research on sensor-gateway-terminal security mechanism of smart home based on IOT
CN105721458A (en) Industrial Ethernet switching method based on ISG security password technique
Yue et al. The research of firewall technology in computer network security
CN212463237U (en) Gateway for controlling access to Internet of things based on block chain
Yina Discussion on computer network security technology and firewall technology

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190101

RJ01 Rejection of invention patent application after publication