CN109587097A - 一种实现安全访问内部网络的系统、方法和装置 - Google Patents

一种实现安全访问内部网络的系统、方法和装置 Download PDF

Info

Publication number
CN109587097A
CN109587097A CN201710905297.XA CN201710905297A CN109587097A CN 109587097 A CN109587097 A CN 109587097A CN 201710905297 A CN201710905297 A CN 201710905297A CN 109587097 A CN109587097 A CN 109587097A
Authority
CN
China
Prior art keywords
access request
request
network access
network
authentication information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710905297.XA
Other languages
English (en)
Chinese (zh)
Inventor
李齐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201710905297.XA priority Critical patent/CN109587097A/zh
Priority to TW107120280A priority patent/TW201916628A/zh
Priority to PCT/CN2018/106976 priority patent/WO2019062666A1/fr
Publication of CN109587097A publication Critical patent/CN109587097A/zh
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
CN201710905297.XA 2017-09-29 2017-09-29 一种实现安全访问内部网络的系统、方法和装置 Pending CN109587097A (zh)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201710905297.XA CN109587097A (zh) 2017-09-29 2017-09-29 一种实现安全访问内部网络的系统、方法和装置
TW107120280A TW201916628A (zh) 2017-09-29 2018-06-13 實現安全存取內部網路的系統、方法和裝置
PCT/CN2018/106976 WO2019062666A1 (fr) 2017-09-29 2018-09-21 Procédé et appareil permettant d'accéder de manière sécurisée à un réseau interne

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710905297.XA CN109587097A (zh) 2017-09-29 2017-09-29 一种实现安全访问内部网络的系统、方法和装置

Publications (1)

Publication Number Publication Date
CN109587097A true CN109587097A (zh) 2019-04-05

Family

ID=65900652

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710905297.XA Pending CN109587097A (zh) 2017-09-29 2017-09-29 一种实现安全访问内部网络的系统、方法和装置

Country Status (3)

Country Link
CN (1) CN109587097A (fr)
TW (1) TW201916628A (fr)
WO (1) WO2019062666A1 (fr)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110807202A (zh) * 2019-10-31 2020-02-18 北京字节跳动网络技术有限公司 校验信息的处理方法、装置、电子设备及计算机可读介质
CN110995422A (zh) * 2019-11-29 2020-04-10 深信服科技股份有限公司 一种数据分析方法、系统、设备及计算机可读存储介质
CN111355720A (zh) * 2020-02-25 2020-06-30 深信服科技股份有限公司 一种应用访问内网方法、系统、设备及计算机存储介质
CN111737723A (zh) * 2020-08-25 2020-10-02 杭州海康威视数字技术股份有限公司 一种业务处理方法、装置及设备
CN111814084A (zh) * 2020-06-18 2020-10-23 北京天空卫士网络安全技术有限公司 数据访问管理的方法、装置和系统
CN112260981A (zh) * 2019-07-22 2021-01-22 北京明华联盟科技有限公司 身份认证方法、装置、系统以及存储介质
CN112532561A (zh) * 2019-08-28 2021-03-19 斑马智行网络(香港)有限公司 用于实现设备间访问的方法、装置、系统及存储介质
CN112541136A (zh) * 2019-09-23 2021-03-23 北京国双科技有限公司 网络地址信息的获取方法、装置、存储介质和电子设备
CN115065530A (zh) * 2022-06-13 2022-09-16 北京华信傲天网络技术有限公司 一种可信数据交互方法及系统
CN116633687A (zh) * 2023-07-20 2023-08-22 深圳市永达电子信息股份有限公司 一种终端安全接入方法、系统及控制器

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112104605B (zh) * 2020-08-10 2023-02-03 深信服科技股份有限公司 网络管理方法、设备及存储介质
CN114157475B (zh) * 2021-11-30 2023-09-19 迈普通信技术股份有限公司 一种设备接入方法、装置,认证设备及接入设备
CN114363031A (zh) * 2021-12-29 2022-04-15 中国电信股份有限公司 一种网络访问方法及装置
CN115766059B (zh) * 2022-09-22 2024-05-17 网易(杭州)网络有限公司 一种集群部署方法、访问方法、装置及电子设备
CN116796306B (zh) * 2023-08-15 2023-11-14 浩鲸云计算科技股份有限公司 一种同一租户下notebook表权限控制的方法

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102171984A (zh) * 2008-10-06 2011-08-31 诺基亚西门子通信公司 服务提供者访问
CN102368768A (zh) * 2011-10-12 2012-03-07 北京星网锐捷网络技术有限公司 认证方法、设备、系统及认证服务器
CN104239577A (zh) * 2014-10-09 2014-12-24 北京奇虎科技有限公司 检测网页数据真伪的方法和装置
CN106790194A (zh) * 2016-12-30 2017-05-31 中国银联股份有限公司 一种基于ssl协议的访问控制方法及装置
US20170187708A1 (en) * 2015-12-29 2017-06-29 International Business Machines Corporation Service provider initiated additional authentication in a federated system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012092269A1 (fr) * 2010-12-29 2012-07-05 Citrix Systems, Inc. Systèmes et procédés d'intégration à base de règles pour des appareils d'optimisation wan déployés horizontalement
CN102811225B (zh) * 2012-08-22 2016-08-17 神州数码网络(北京)有限公司 一种ssl中间代理访问web资源的方法及交换机
CN105915550B (zh) * 2015-11-25 2018-12-21 北京邮电大学 一种基于SDN的Portal/Radius认证方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102171984A (zh) * 2008-10-06 2011-08-31 诺基亚西门子通信公司 服务提供者访问
CN102368768A (zh) * 2011-10-12 2012-03-07 北京星网锐捷网络技术有限公司 认证方法、设备、系统及认证服务器
CN104239577A (zh) * 2014-10-09 2014-12-24 北京奇虎科技有限公司 检测网页数据真伪的方法和装置
US20170187708A1 (en) * 2015-12-29 2017-06-29 International Business Machines Corporation Service provider initiated additional authentication in a federated system
CN106790194A (zh) * 2016-12-30 2017-05-31 中国银联股份有限公司 一种基于ssl协议的访问控制方法及装置

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112260981A (zh) * 2019-07-22 2021-01-22 北京明华联盟科技有限公司 身份认证方法、装置、系统以及存储介质
CN112532561A (zh) * 2019-08-28 2021-03-19 斑马智行网络(香港)有限公司 用于实现设备间访问的方法、装置、系统及存储介质
CN112541136B (zh) * 2019-09-23 2024-02-13 北京国双科技有限公司 网络地址信息的获取方法、装置、存储介质和电子设备
CN112541136A (zh) * 2019-09-23 2021-03-23 北京国双科技有限公司 网络地址信息的获取方法、装置、存储介质和电子设备
CN110807202A (zh) * 2019-10-31 2020-02-18 北京字节跳动网络技术有限公司 校验信息的处理方法、装置、电子设备及计算机可读介质
CN110995422B (zh) * 2019-11-29 2023-02-03 深信服科技股份有限公司 一种数据分析方法、系统、设备及计算机可读存储介质
CN110995422A (zh) * 2019-11-29 2020-04-10 深信服科技股份有限公司 一种数据分析方法、系统、设备及计算机可读存储介质
CN111355720A (zh) * 2020-02-25 2020-06-30 深信服科技股份有限公司 一种应用访问内网方法、系统、设备及计算机存储介质
CN111814084A (zh) * 2020-06-18 2020-10-23 北京天空卫士网络安全技术有限公司 数据访问管理的方法、装置和系统
CN111737723A (zh) * 2020-08-25 2020-10-02 杭州海康威视数字技术股份有限公司 一种业务处理方法、装置及设备
CN115065530A (zh) * 2022-06-13 2022-09-16 北京华信傲天网络技术有限公司 一种可信数据交互方法及系统
CN115065530B (zh) * 2022-06-13 2024-01-23 北京华信傲天网络技术有限公司 一种可信数据交互方法及系统
CN116633687A (zh) * 2023-07-20 2023-08-22 深圳市永达电子信息股份有限公司 一种终端安全接入方法、系统及控制器

Also Published As

Publication number Publication date
TW201916628A (zh) 2019-04-16
WO2019062666A1 (fr) 2019-04-04

Similar Documents

Publication Publication Date Title
CN109587097A (zh) 一种实现安全访问内部网络的系统、方法和装置
CN108901022B (zh) 一种微服务统一鉴权方法及网关
US10965772B2 (en) Interface invocation method and apparatus for hybrid cloud
CN104144163B (zh) 身份验证方法、装置及系统
CN105933353B (zh) 安全登录的实现方法及系统
CN109936547A (zh) 身份认证方法、系统及计算设备
US20140189808A1 (en) Multi-factor authentication and comprehensive login system for client-server networks
US11451533B1 (en) Data cycling
CN104869102B (zh) 基于xAuth协议的授权方法、装置和系统
CN107666383A (zh) 基于https协议的报文处理方法以及装置
CN107005569A (zh) 端对端服务层认证
Shetty et al. Are you dating danger? An interdisciplinary approach to evaluating the (in) security of android dating apps
EP3633949A1 (fr) Procédé et système d'exécution de négociation ssl
US10257171B2 (en) Server public key pinning by URL
CN110401641A (zh) 用户认证方法、装置、电子设备
CN109495503A (zh) 一种ssl vpn认证方法、客户端、服务器及网关
CN105208041A (zh) 基于hook的云存储应用加密数据包破解方法
CN109040069A (zh) 一种云应用程序的发布方法、发布系统及访问方法
CN109743373A (zh) 终端的远程协助方法、设备、系统和介质
CN108156119A (zh) 登录验证方法及装置
CN107135190B (zh) 基于传输层安全连接的数据流量归属识别方法及装置
CN109218334A (zh) 数据处理方法、装置、接入控制设备、认证服务器及系统
Chen et al. A full lifecycle authentication scheme for large-scale smart IoT applications
CN104168565A (zh) 一种非可信无线网络环境下智能终端安全通讯的控制方法
CN110166471A (zh) 一种Portal认证方法及装置

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190405