CN109120619A - A kind of computer network communications system - Google Patents
A kind of computer network communications system Download PDFInfo
- Publication number
- CN109120619A CN109120619A CN201810938692.2A CN201810938692A CN109120619A CN 109120619 A CN109120619 A CN 109120619A CN 201810938692 A CN201810938692 A CN 201810938692A CN 109120619 A CN109120619 A CN 109120619A
- Authority
- CN
- China
- Prior art keywords
- module
- communication
- network
- control module
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Abstract
It is disclosed by the invention to belong to network communication technology field, specially a kind of computer network communications system, including microprocessor, access control module, encrypting module, Local Control Module and communication module, the access control module, encrypting module, Local Control Module and communication module are connect with microprocessor, the access control module includes authentication module, authorization control module, access control module and authority management module, a kind of computer network communications system that the invention proposes, the access management of integrated Intrusion Detection based on host, network data encryption and local control, realize the comprehensive management and monitoring of computer network, prevent computer network by various network attacks to the greatest extent, guarantee the safe transmission of data, avoid network storm, improve the safety and reliability of network, the invention has power consumption The at low cost and good advantage of real-time.
Description
Technical field
The present invention relates to network communication technology field, specially a kind of computer network communications system.
Background technique
Computer network communication technology is the product that the communication technology is combined with computer technology.Computer network be by
According to network protocol, by computer set interconnected disperse on the earth, independent.Connection medium can be cable, multiple twin
Line, optical fiber, microwave, carrier wave or telecommunication satellite.Computer network has the function of shared hardware, software and data resource, has
The ability that sharing data resources are focused on and managed and maintained.With the rapid growth and network of information resources on network
The increasingly expansion of application range, people on the living conditions with higher and higher to the degree of dependence of network in work, and network faces
The problems such as security threat is more and more prominent, equipment fault, software defect, unauthorized access, computer virus, hacker attack layer
Not poor out, network security has become a global and strategic problem.The net of existing computer network communications system
Network safety is poor, and the means for solving safety issue are single, implement comparatively laborious, and existing computer network is logical
Letter system can not be applied to the communication of field device and field instrument well, for this purpose, it is proposed that a kind of computer network
Communication system.
Summary of the invention
The purpose of the present invention is to provide a kind of computer network communications systems, to solve to propose in above-mentioned background technique
The problem of.
To achieve the above object, the invention provides the following technical scheme: a kind of computer network communications system, including it is micro-
Processor, access control module, encrypting module, Local Control Module, communication module and communication transfer interface module, the micro process
Device, access control module, encrypting module, Local Control Module, communication module and communication transfer interface module connect with microprocessor
It connects, the communication transfer interface module is connected with computer;
The access control module is used for the access control to user, and the access control module includes authentication
Module, authorization control module, access control module and authority management module, the authentication module are used for user's
The confirmation of identity, the authorization control module is for authorizing different access authority, the access control mould to different identity
Block prevents Internet resources and data resource to be illegally used, the rights management for the control to unauthorized users to access permission
Module is for the management to permission;
The encrypting module includes data encryption module and network encryption module, and it is public that the data encryption module is based on RSA
Secret key cipher system is opened, realizes the encryption to data, the network encryption module believes various original figures by Sealing mechanism
Number according to Encryption Algorithm be transformed into entirely different digital information in plain text, improve the safety of network data transmission;
The Local Control Module includes firewall module, intrusion detection module and local health module, the firewall
Module realizes the secure connection of internal network and external network, and the intrusion detection module is due to entering network intrusions and virus
The detection invaded, the local monitor module realize the monitoring to local system, program and file;
The communication module packet serial communication modular, expansion bus module, debugging interface module and Ethernet control, institute
State network communication of the communication module for main frame;
The communication transfer interface module realizes institute for connecting the computer and microprocessor, the communication transfer interface module
Computer and CAN communication are stated, the communication transfer interface module includes communication interface, the two-way electric connection monolithic of communication interface
Machine, the two-way electric connection CAN controller of single-chip microcontroller, the two-way electric connection photoelectric isolation module of CAN controller, institute
State the two-way electric connection CAN driver of photoelectric isolation module, the two-way electric connection CAN bus of CAN driver;
The CAN controller realizes Local Area Network control, after the single-chip microcontroller correctly initializes it, passes through
It accesses its internal register to realize to CAN operation, and completes all protocol functions of CAN physical layer and data link layer, it is described
CAN controller and the photoelectric isolation module and CAN driver constitute the channel with the CAN bus.
Preferably, the authority management module includes that permission increases module, permission removing module and permission modified module.
Preferably, the network encryption module be link encryption module, the link encryption module include special circuit,
Telephone wire, cable and optical cable.
Preferably, the firewall module realizes all distributed fire walls, intrusion detection strategy request using PBNS2
With policy distribution function.
Preferably, the microprocessor is using 32 ARM920T core for providing five-stage pipeline and Harvard structure
S3C2410A processor.
Preferably, the communication interface includes RS232 interface and RS485 interface, and the single-chip microcontroller passes through the RS232
Interface and RS485 interface are connect with the computer, and carry out level conversion by MAX232 and MA485, realize that connection is different
CAN network, carry out the MESSAGE EXCHANGE of CAN controller.
Compared with prior art, the beneficial effects of the present invention are: a kind of computer network communication system that the invention proposes
System integrates access management, network data encryption and the local control of Intrusion Detection based on host, realizes the comprehensive pipe of computer network
Reason and monitoring, prevent computer network by various network attacks to the greatest extent, guarantee the safe transmission of data, avoid
Network storm, improves the safety and reliability of network, CAN bus based computer network communications system, connection side
Just, easy to use, it is applied widely, there is reliability outstanding, real-time and flexibility, which has power consumption at low cost
The good advantage with real-time.
Detailed description of the invention
Fig. 1 is invention's principle block diagram;
Fig. 2 is communication transfer interface module functional block diagram of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts it is all its
His embodiment, shall fall within the protection scope of the present invention.
Referring to Fig. 1, the present invention provides a kind of technical solution: a kind of computer network communications system, including micro process
Device, access control module, encrypting module, Local Control Module, communication module and communication transfer interface module, the microprocessor, visit
Ask that control module, encrypting module, Local Control Module, communication module and communication transfer interface module are connect with microprocessor, it is described
Communication transfer interface module is connected with computer;
The access control module is used for the access control to user, and the access control module includes authentication
Module, authorization control module, access control module and authority management module, the authentication module are used for user's
The confirmation of identity, the authorization control module is for authorizing different access authority, the access control mould to different identity
Block prevents Internet resources and data resource to be illegally used, the rights management for the control to unauthorized users to access permission
Module is for the management to permission;
The encrypting module includes data encryption module and network encryption module, and it is public that the data encryption module is based on RSA
Secret key cipher system is opened, realizes the encryption to data, the network encryption module believes various original figures by Sealing mechanism
Number according to Encryption Algorithm be transformed into entirely different digital information in plain text, improve the safety of network data transmission;
The Local Control Module includes firewall module, intrusion detection module and local health module, the firewall
Module realizes the secure connection of internal network and external network, and the intrusion detection module is due to entering network intrusions and virus
The detection invaded, the local monitor module realize the monitoring to local system, program and file;
The communication module packet serial communication modular, expansion bus module, debugging interface module and Ethernet control, institute
State network communication of the communication module for main frame;
The communication transfer interface module realizes institute for connecting the computer and microprocessor, the communication transfer interface module
Computer and CAN communication are stated, the communication transfer interface module includes communication interface, the two-way electric connection monolithic of communication interface
Machine, the two-way electric connection CAN controller of single-chip microcontroller, the two-way electric connection photoelectric isolation module of CAN controller, institute
State the two-way electric connection CAN driver of photoelectric isolation module, the two-way electric connection CAN bus of CAN driver;
The CAN controller realizes Local Area Network control, after the single-chip microcontroller correctly initializes it, passes through
It accesses its internal register to realize to CAN operation, and completes all protocol functions of CAN physical layer and data link layer, it is described
CAN controller and the photoelectric isolation module and CAN driver constitute the channel with the CAN bus.
Wherein, the authority management module includes that permission increases module, permission removing module and permission modified module, institute
Stating network encryption module is link encryption module, and the link encryption module includes special circuit, telephone wire, cable and optical cable,
The firewall module realizes all distributed fire walls, intrusion detection strategy request and policy distribution function using PBNS2,
S3C2410A processor of the microprocessor using 32 ARM920T core for providing five-stage pipeline and Harvard structure, institute
Stating communication interface includes RS232 interface and RS485 interface, the single-chip microcontroller by the RS232 interface and RS485 interface with
The computer connection, and level conversion is carried out by MAX232 and MA485, it realizes and connects different CAN networks, carry out
The MESSAGE EXCHANGE of CAN controller.
It although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with
A variety of variations, modification, replacement can be carried out to these embodiments without departing from the principles and spirit of the present invention by understanding
And modification, the scope of the present invention is defined by the appended.
Claims (6)
1. a kind of computer network communications system, it is characterised in that: including microprocessor, access control module, encrypting module, sheet
Ground control module, communication module and communication transfer interface module, the microprocessor, access control module, encrypting module, local control
Module, communication module and communication transfer interface module are connect with microprocessor, and the communication transfer interface module is connected with computer;
The access control module is used for the access control of user, the access control module include authentication module,
Authorization control module, access control module and authority management module, the authentication module are used for the identity of user
Confirmation, for authorizing different access authority to different identity, the access control module is used for the authorization control module
Control to unauthorized users to access permission prevents Internet resources and data resource to be illegally used, and the authority management module is used
In the management to permission;
The encrypting module includes data encryption module and network encryption module, and the data encryption module is disclosed close based on RSA
Key cipher system, realizes the encryption to data, and the network encryption module presses various raw digital signals by Sealing mechanism
It is transformed into the digital information entirely different with plaintext according to Encryption Algorithm, improves the safety of network data transmission;
The Local Control Module includes firewall module, intrusion detection module and local health module, the firewall module
Realize the secure connection of internal network and external network, the intrusion detection module is due to the inspection to network intrusions and poisoning intrusion
It surveys, the local monitor module realizes the monitoring to local system, program and file;
The communication module packet serial communication modular, expansion bus module, debugging interface module and Ethernet control, the communication
Module is used for the network communication of main frame;
The communication transfer interface module realizes the calculating for connecting the computer and microprocessor, the communication transfer interface module
Machine and CAN communication, the communication transfer interface module include communication interface, the two-way electric connection single-chip microcontroller of communication interface, described
The two-way electric connection CAN controller of single-chip microcontroller, the two-way electric connection photoelectric isolation module of CAN controller, the photoelectricity every
From the two-way electric connection CAN driver of module, the two-way electric connection CAN bus of CAN driver;
The CAN controller realizes Local Area Network control, after the single-chip microcontroller correctly initializes it, by accessing it
Internal register, which is realized, operates CAN, and completes all protocol functions of CAN physical layer and data link layer, the CAN control
Device and the photoelectric isolation module and CAN driver constitute the channel with the CAN bus.
2. a kind of computer network communications system according to claim 1, it is characterised in that: the authority management module packet
It includes permission and increases module, permission removing module and permission modified module.
3. a kind of computer network communications system according to claim 1, it is characterised in that: the network encryption module is
Link encryption module, the link encryption module include special circuit, telephone wire, cable and optical cable.
4. a kind of computer network communications system according to claim 1, it is characterised in that: the firewall module uses
PBNS2 realizes all distributed fire walls, intrusion detection strategy request and policy distribution function.
5. a kind of computer network communications system according to claim 1, it is characterised in that: the microprocessor is used and mentioned
For five-stage pipeline and the S3C2410A processor of 32 ARM920T core of Harvard structure.
6. a kind of computer network communications system according to claim 1, it is characterised in that: the communication interface includes
RS232 interface and RS485 interface, the single-chip microcontroller are connect by the RS232 interface and RS485 interface with the computer,
And level conversion is carried out by MAX232 and MA485, it realizes and connects different CAN networks, the message for carrying out CAN controller is handed over
It changes.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810938692.2A CN109120619A (en) | 2018-08-17 | 2018-08-17 | A kind of computer network communications system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810938692.2A CN109120619A (en) | 2018-08-17 | 2018-08-17 | A kind of computer network communications system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109120619A true CN109120619A (en) | 2019-01-01 |
Family
ID=64852794
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810938692.2A Pending CN109120619A (en) | 2018-08-17 | 2018-08-17 | A kind of computer network communications system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109120619A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110263517A (en) * | 2019-05-27 | 2019-09-20 | 湖南高速铁路职业技术学院 | The information safety system of enterprise intelligent equipment |
CN114374532A (en) * | 2021-12-06 | 2022-04-19 | 国网山东省电力公司聊城供电公司 | Network security monitoring system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102957587A (en) * | 2011-08-26 | 2013-03-06 | 半导体元件工业有限责任公司 | System, method and equipment for providing network communication |
US9043874B2 (en) * | 2012-11-28 | 2015-05-26 | Wal-Mart Stores, Inc. | System and method for protecting data in an enterprise environment |
CN106656960A (en) * | 2016-09-28 | 2017-05-10 | 北京辰极国泰科技有限公司 | Hilscher-based credible data acquisition system and method |
-
2018
- 2018-08-17 CN CN201810938692.2A patent/CN109120619A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102957587A (en) * | 2011-08-26 | 2013-03-06 | 半导体元件工业有限责任公司 | System, method and equipment for providing network communication |
US9043874B2 (en) * | 2012-11-28 | 2015-05-26 | Wal-Mart Stores, Inc. | System and method for protecting data in an enterprise environment |
CN106656960A (en) * | 2016-09-28 | 2017-05-10 | 北京辰极国泰科技有限公司 | Hilscher-based credible data acquisition system and method |
Non-Patent Citations (2)
Title |
---|
朱贞: "基于网络的嵌入式远程控制系统的研究和开发", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
杨春杰: "基于CAN总线的一种计算机通信方式", 《兰州交通大学学报(自然科学版)》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110263517A (en) * | 2019-05-27 | 2019-09-20 | 湖南高速铁路职业技术学院 | The information safety system of enterprise intelligent equipment |
CN114374532A (en) * | 2021-12-06 | 2022-04-19 | 国网山东省电力公司聊城供电公司 | Network security monitoring system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Gan et al. | Internet of things security analysis | |
CN101662359B (en) | Security protection method of communication data of special electricity public network | |
CN103491072B (en) | A kind of border access control method based on double unidirection insulation network brakes | |
CN106789015B (en) | Intelligent power distribution network communication safety system | |
CN106992984A (en) | A kind of method of the mobile terminal safety access information Intranet based on electric power acquisition net | |
CN102111349A (en) | Security certificate gateway | |
CN107295312A (en) | A kind of wireless video safety access system based on SSL VPN | |
CN103441991A (en) | Mobile terminal security access platform | |
CN115549932B (en) | Security access system and access method for massive heterogeneous Internet of things terminals | |
CN111988328A (en) | Safety guarantee method and system for acquiring terminal data of power generation unit of new energy plant station | |
CN107920089A (en) | A kind of intelligent network lotus interactive terminal protecting information safety authentication encryption method | |
CN106506540A (en) | A kind of intranet data transmission method of attack resistance and system | |
CN104219077A (en) | Information management system for middle and small-sized enterprises | |
CN109617875A (en) | A kind of the secure accessing platform and its implementation of terminal communication network | |
CN110855707A (en) | Internet of things communication pipeline safety control system and method | |
CN202652534U (en) | Mobile terminal safety access platform | |
CN109120619A (en) | A kind of computer network communications system | |
CN201878191U (en) | Security access device for video | |
Ati et al. | Framework for managing smart cities security and privacy applications | |
CN201571068U (en) | Network system and protection management device | |
Li et al. | Research on sensor-gateway-terminal security mechanism of smart home based on IOT | |
CN105721458A (en) | Industrial Ethernet switching method based on ISG security password technique | |
Yue et al. | The research of firewall technology in computer network security | |
CN212463237U (en) | Gateway for controlling access to Internet of things based on block chain | |
Yina | Discussion on computer network security technology and firewall technology |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190101 |
|
RJ01 | Rejection of invention patent application after publication |