CN109729172A - A kind of order of information security software issues new method - Google Patents
A kind of order of information security software issues new method Download PDFInfo
- Publication number
- CN109729172A CN109729172A CN201910031009.1A CN201910031009A CN109729172A CN 109729172 A CN109729172 A CN 109729172A CN 201910031009 A CN201910031009 A CN 201910031009A CN 109729172 A CN109729172 A CN 109729172A
- Authority
- CN
- China
- Prior art keywords
- webpage
- security software
- information security
- http
- https
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention relates to a kind of orders of information security software to issue new method.When mount message security software, a HTTP/HTTPS analysis program is installed in subscriber's main station, which can capture all web-page requests;Command Line Parsing program, even when analysis program captures secret webpage x request, notification information security software executes related command;When user is with one webpage y of HTTP/HTTPS protocol access subscriber's main station, analysis program captures the request to webpage y, then webpage y is compared with the configuration information of step S2: if webpage y is consistent with the secret webpage x of step S2, then notification information security software executes related command, otherwise abandons or be transmitted to web operation system for request.Present invention reduces the professional skill requirement to user, the probability of happening of whole operation system failure is reduced, and without the driving cooperation of additional developing kernel.
Description
Technical field
The invention belongs to information security software field, in particular to a kind of order of information security software issues new method.
Background technique
The such as various antivirus softwares of existing information security software, various computer house keepers, various security guards, various files
Encryption software, various file tamper-resistant softwares (including webpage tamper-resistant software) etc. are all to protect user data not by illegal infringement
(such as: remove virus or be not infected, restore to distort or do not distorted illegally, not by unauthorized access etc.) and generate.
Generally for oneself safety protection reason, can all provide a user proprietary software management platform (such as: one specially
The admin site etc. for having client software or being logged in by browser).In general, due to safety concerns, if user will be to information
Security software transmitting order to lower levels (such as: pause is closed and is opened), the management platform by the software is required by certain step
Operation could be completed.
In addition, the scheme of number of patent application 201810189378.9 is shown, secret path file is accessed simultaneously by user
To information security software transmitting order to lower levels after kernel-driven captures.
Prior art defect is as follows:
If user need for various reasons to the frequent transmitting order to lower levels of information security software (such as: it is intermittent that user needs
It modifies to a web page files, needs frequently to carry out under only read-protected webpage tamper-resistant software to this web page files
Send out the order of pause/off/on), at this point, user must frequently open the software management platform (such as: a proprietary visitor
Family end software or the admin site etc. logged in by browser), then carrying out operation by certain step could transmitting order to lower levels.This
A little tedious steps there are certain requirements the professional skill of user, and increase fault rate when frequent operation,
Increase security risk.
In addition, the scheme of number of patent application 201810189378.9 is shown, key point be to rely on additionally develop it is interior
The secret path of core driving capture user's access could have the professional skill of developer to information security software transmitting order to lower levels
Higher requirement, and due to the particularity of kernel-driven, it loads the kernel-driven additionally developed and increases whole operation system
The probability of happening of delay machine.
Summary of the invention
It is an object of the invention to solve prior art disadvantage, and the order for providing a kind of information security software issues new side
Method.
To achieve the above object, the technical scheme is that a kind of order of information security software issues new method, packet
Include following steps:
Step S1, when mount message security software, a HTTP/HTTPS analysis program, the HTTP/ are installed in subscriber's main station
HTTPS analysis program can capture all web-page requests;
Step S2, HTTP/HTTPS analysis program is configured, even, when HTTP/HTTPS analysis program captures a secret webpage x
When request, notification information security software executes related command;
Step S3, when user is captured with one webpage y, HTTP/HTTPS analysis program of HTTP/HTTPS protocol access subscriber's main station
Then request to webpage y compares the configuration information of webpage y and step S2: if webpage y is the same as the secret webpage of step S2
X is consistent, then notification information security software executes related command, otherwise abandons or be transmitted to web operation system for request.
In an embodiment of the present invention, the HTTP/HTTPS analysis program includes middleware software, by middleware
The module of third party's development interface exploitation.
In an embodiment of the present invention, in step sl, the mould that third party's development interface by middleware is developed
Block includes the Module of the ISAPI screening washer of IIS, Apache and ngnix.
In an embodiment of the present invention, in step s 2, the related command that information security software executes includes pause, closes
Or it opens.
In an embodiment of the present invention, in step s3, user is by web browser with HTTP/HTTPS protocol access
One webpage y of subscriber's main station.
Compared to the prior art, the invention has the following advantages:
User can be soft to information security by one secret webpage of some modes (such as: web browser) access in the present invention
Part transmitting order to lower levels (such as: pause is closed and is opened), so avoiding the pipe for needing to open information security software in the prior art
Platform (such as: a proprietary client software or the admin site etc. logged in by browser), then press certain step
Carrying out operation could be to information security software transmitting order to lower levels;So the professional skill requirement to user is reduced, in frequent operation
When reduce fault rate, reduce the probability of happening of whole operation system failure, and reduce security risk.This
Outside, the present invention is without the driving cooperation of additional developing kernel.
Detailed description of the invention
Fig. 1 is a preferred embodiment of the present invention schematic diagram.
Specific embodiment
With reference to the accompanying drawing, technical solution of the present invention is specifically described.
The present invention provides a kind of orders of information security software to issue new method, includes the following steps:
Step S1, when mount message security software, a HTTP/HTTPS analysis program, the HTTP/ are installed in subscriber's main station
HTTPS analysis program can capture all web-page requests;
Step S2, HTTP/HTTPS analysis program is configured, even, when HTTP/HTTPS analysis program captures a secret webpage x
When request, notification information security software executes related command;
Step S3, when user is captured with one webpage y, HTTP/HTTPS analysis program of HTTP/HTTPS protocol access subscriber's main station
Then request to webpage y compares the configuration information of webpage y and step S2: if webpage y is the same as the secret webpage of step S2
X is consistent, then notification information security software executes related command, otherwise abandons or be transmitted to web operation system for request.
The HTTP/HTTPS analysis program includes middleware software, is developed by third party's development interface of middleware
Module.
In step sl, the module that third party's development interface by middleware is developed includes that the ISAPI of IIS is screened
The Module of device, Apache and ngnix.
In step s 2, the related command that information security software executes includes pause, turns off or on.
In step s3, user is by web browser with one webpage y of HTTP/HTTPS protocol access subscriber's main station.
The following are a preferred embodiments of the invention.
A kind of order of information security software of the invention issues new method, which can effectively solve lacking for the prior art
Point, concrete scheme are (see figure 1)s:
(1) when mount message security software, a HTTP/HTTPS analysis program is installed in subscriber's main station, which catches
Obtaining all web-page requests, (implementation of the analysis program includes but is not limited to middleware software, the third by middleware
The module (such as the ISAPI screening washer of IIS, Module of Apache and ngnix etc.) of square development interface exploitation).
(2) the parsing journey that user passes through some modes (such as: the management platform of information security software) configuration step (1)
Sequence: also may not be present when analysis program captures certain secret webpage x(webpage and may be present in disk) request when, indicate
Notification information security software execution related command (such as: suspend, turn off or on).
(3) some when, user is by some modes (such as: passing through web browser) with HTTP/HTTPS protocol access
Certain webpage y of subscriber's main station.
(4) analysis program of step (1) captures request of the step (3) to webpage y, then user in y and step (2)
The information of configuration compares: if the secret webpage x of the same step of y (2) is consistent, notification information security software executes related life
Enable (such as: suspend, turn off or on), request is otherwise abandoned or is transmitted to web operation system.
Partial words meaning is as follows among the above:
Information security software: such as various antivirus softwares, various computer house keepers, various security guards, various file encryption softwares,
Various file tamper-resistant softwares (including webpage tamper-resistant software) etc. be protect user data not by illegal infringement (such as: not by
Virus infection is not illegally distorted or is deleted, not by unauthorized access etc.) have proprietary tactical management platform (such as: one
Proprietary client software or the admin site etc. logged in by browser) software.
Middleware: being that one kind can provide cooperation intercommunication, resource-sharing for one or more application programs, while can also
The software of relevant service is provided for the application program, common are IIS, Apache, Tomcat, Ngnix etc..
It should be noted that above-mentioned elaboration is presently preferred embodiments of the present invention.It is clear that the invention is not restricted to implement above
Example, can also there is many variations.What those skilled in the art directly can export or associate from present disclosure
All deformations, are considered as protection scope of the present invention.
Claims (5)
1. a kind of order of information security software issues new method, which comprises the steps of:
Step S1, when mount message security software, a HTTP/HTTPS analysis program, the HTTP/ are installed in subscriber's main station
HTTPS analysis program can capture all web-page requests;
Step S2, HTTP/HTTPS analysis program is configured, even, when HTTP/HTTPS analysis program captures a secret webpage x
When request, notification information security software executes related command;
Step S3, when user is captured with one webpage y, HTTP/HTTPS analysis program of HTTP/HTTPS protocol access subscriber's main station
Then request to webpage y compares the configuration information of webpage y and step S2: if webpage y is the same as the secret webpage of step S2
X is consistent, then notification information security software executes related command, otherwise abandons or be transmitted to web operation system for request.
2. a kind of order of information security software according to claim 1 issues new method, which is characterized in that described
The module that HTTP/HTTPS analysis program includes middleware software, is developed by third party's development interface of middleware.
3. a kind of order of information security software according to claim 1 issues new method, which is characterized in that in step S1
In, the module that third party's development interface by middleware is developed includes ISAPI screening washer, Apache and the ngnix of IIS
Module.
4. a kind of order of information security software according to claim 1 issues new method, which is characterized in that in step S2
In, the related command that information security software executes includes pause, turns off or on.
5. a kind of order of information security software according to claim 1 issues new method, which is characterized in that in step S3
In, user is by web browser with one webpage y of HTTP/HTTPS protocol access subscriber's main station.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910031009.1A CN109729172A (en) | 2019-01-14 | 2019-01-14 | A kind of order of information security software issues new method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910031009.1A CN109729172A (en) | 2019-01-14 | 2019-01-14 | A kind of order of information security software issues new method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109729172A true CN109729172A (en) | 2019-05-07 |
Family
ID=66298330
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910031009.1A Pending CN109729172A (en) | 2019-01-14 | 2019-01-14 | A kind of order of information security software issues new method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109729172A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103139152A (en) * | 2011-11-28 | 2013-06-05 | 腾讯科技(深圳)有限公司 | Method and device of visiting webpage |
CN105959313A (en) * | 2016-06-29 | 2016-09-21 | 杭州迪普科技有限公司 | Method and device for preventing HTTP proxy attack |
CN108446565A (en) * | 2018-03-08 | 2018-08-24 | 福建深空信息技术有限公司 | A kind of order delivery method of information security software |
-
2019
- 2019-01-14 CN CN201910031009.1A patent/CN109729172A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103139152A (en) * | 2011-11-28 | 2013-06-05 | 腾讯科技(深圳)有限公司 | Method and device of visiting webpage |
CN105959313A (en) * | 2016-06-29 | 2016-09-21 | 杭州迪普科技有限公司 | Method and device for preventing HTTP proxy attack |
CN108446565A (en) * | 2018-03-08 | 2018-08-24 | 福建深空信息技术有限公司 | A kind of order delivery method of information security software |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11687653B2 (en) | Methods and apparatus for identifying and removing malicious applications | |
CN105956474B (en) | Android platform software unusual checking system | |
CN103279706B (en) | Intercept the method and apparatus installing Android application program in the terminal | |
CN101675679B (en) | Application logging interface for a mobile device | |
CN103744686B (en) | Control method and the system of installation is applied in intelligent terminal | |
CN112685737A (en) | APP detection method, device, equipment and storage medium | |
CN104468546B (en) | A kind of web information processing method and firewall device, system | |
CN105656860A (en) | Safety management and control method, apparatus and system for Android system | |
US20160197950A1 (en) | Detection system and method for statically detecting applications | |
CN107273748A (en) | A kind of method that Android system Hole Detection is realized based on leak poc | |
CN111835756B (en) | APP privacy compliance detection method and device, computer equipment and storage medium | |
CN105843653A (en) | TA (trusted application) configuration method and device | |
CN110138731B (en) | Network anti-attack method based on big data | |
CN110602043A (en) | API gateway implementation system and method for mobile application | |
CN113225339B (en) | Network security monitoring method and device, computer equipment and storage medium | |
CN108183901B (en) | FPGA-based host security protection physical card and data processing method thereof | |
CN110968872A (en) | File vulnerability detection processing method and device, electronic equipment and storage medium | |
KR100736540B1 (en) | Web defacement checker and checking method thereof | |
KR102048141B1 (en) | Preemptive response system for new information security vulnerability, and method thereof | |
CN113973193A (en) | Security quality control method, electronic device and readable medium | |
JP2006094258A (en) | Terminal device, its policy forcing method, and its program | |
CN109729172A (en) | A kind of order of information security software issues new method | |
CN109960928B (en) | Method and system for processing suspicious file | |
CN111581613A (en) | Account login verification method and system | |
Zou et al. | A survey of android mobile platform security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190507 |
|
RJ01 | Rejection of invention patent application after publication |