CN110233814A - An industrial Internet of Things intelligent virtual private network system - Google Patents


Publication number
CN110233814A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810179579.0A
Other languages
Chinese (zh)
Other versions
CN110233814B (en)
Inventor
林苑
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Left Bank Investment Management Co ltd
Shanghai Kelu Software Co Ltd
Original Assignee
Shanghai Kelu Software Co Ltd
Application filed by Shanghai Kelu Software Co Ltd
Priority to CN202210378720.6A (patent CN114978583A)
Priority to CN201810179579.0A (patent CN110233814B)
Publication of CN110233814A
Application granted
Publication of CN110233814B
Legal status: Active


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information: received data contents, e.g. message integrity
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions

Abstract

The invention discloses an industrial Internet of Things intelligent virtual private network system. First, data is stored directly on the local data source object node and is not uploaded to a data center, so the data remains in a dispersed, distributed state; this saves a large amount of data transmission and storage resources and makes it harder for outsiders to intrude and steal the data. Second, because the object nodes that store the data are distributed in a private second network that is completely isolated from the public first network, the security of the data is further ensured at the level of the hardware structure. Moreover, in the invention only the management platform has a first network IP address, and no data is saved on the management platform, so even if an external hacker intrudes into the management platform, no data can be obtained. The management platform is only responsible for verifying the identity of the party requesting the data, and the data is uploaded by the object node directly to the data requester that has passed the audit, so that the number of nodes at which data resides during transmission is minimized, the probability of data leakage is minimized, and transmission and storage resources are saved.

Description

An industrial Internet of Things intelligent virtual private network system
Technical field
The present invention relates to an industrial Internet platform, and in particular to an industrial Internet of Things intelligent virtual private network system.
Background
With the arrival of the big data era, more and more governments, enterprises and other institutions have come to realize that data is becoming an organization's most important asset and that data analysis capability is becoming an organization's core competitiveness, and they have begun to invest in it on a large scale.
In the course of informatization, systems were built in different periods and were constrained by differing project funding sources, differing implementation management, dispersed operation and maintenance, and so on. As a result, all kinds of business application systems exist in large numbers at every link, information resources are dispersed, the interfaces between business systems are numerous and complicated, and information islands exist. A unified management mechanism for information resources is lacking, and the degree of integration between informatization and business management services is insufficient.
In addition, large amounts of data are repeatedly acquired and stored, occupying a large amount of information transmission and storage resources while data utilization is extremely low. One pipeline company compiled statistics on the utilization of the data it had acquired, uploaded and stored in recent years and found that the data actually used accounted for only 0.75% of the total, while the collected data occupied a large amount of transmission bandwidth and storage resources.
On existing civilian cloud platforms, data is handed over to the platform for storage and management; information security and privacy cannot be guaranteed and there is a possibility of data leakage, so such platforms cannot be used in the industrial field.
The inventors of the present invention found that the industrial field lacks a data control platform that can be used by all kinds of applications within one enterprise, or shared by multiple enterprises, while effectively guaranteeing the data owner's control over the data.
Summary of the invention
The purpose of the present invention is to provide an industrial Internet of Things intelligent virtual private network system in which the security of industrial information is effectively guaranteed and industrial information is not repeatedly acquired, transmitted and processed. While saving data transmission and storage resources, it effectively prevents external applications from directly contacting industrial data, and it provides a unified, convenient data-calling environment for all kinds of applications while keeping industrial data secure.
To solve the above technical problem, embodiments of the present invention provide an industrial Internet of Things intelligent virtual private network system, comprising:
A management platform, which has a first network IP address; each application establishes a communication connection with the management platform through the first network and sends data requests to the management platform;
The management platform is connected to each data source object node through a second network, and the management platform and each data source object node each have a second network IP address; the first network and the second network are independent of each other;
The management platform includes a data management server. When the management platform receives a data request from an application, the data management server performs authorization authentication on the application; if the application passes, it allocates a second network IP address to the application and sends the application's second network IP address and the content of the data request to the data source object node to which the requested data belongs, instructing that node to establish a second network secure connection with the application via the application's second network IP address and to send the requested data to the application.
Compared with the prior art, in the embodiments of the present invention data is stored directly on the local data source object node and is not uploaded to a data center, so the data remains in a dispersed, distributed state; this saves a large amount of data transmission and storage resources and makes it harder for outsiders to intrude and steal the data. Because the data source object nodes that store the data are distributed in a private second network that is completely isolated from the public first network, the security of the data is further ensured at the level of the hardware structure. Moreover, in this embodiment only the management platform has a first network IP address, and no data is saved on the management platform, so even if an external hacker intrudes into the management platform, no data can be obtained. The management platform is only responsible for auditing the permissions of the party requesting the data; once the audit has passed, a secure connection is established between the data requester and the data source object node, and the data is uploaded by the data source object node directly to the data requester that has passed the audit. The number of nodes at which data resides during transmission is thereby minimized and the probability of data leakage is minimized, so that transmission and storage resources are saved to the greatest extent while security is ensured.
As a further improvement, the first network is generally the public Internet, and the second network is generally the industrial Internet.
As a further improvement, the second network includes an independent domain name resolution server; when each data source object node registers with the management platform, the domain name resolution server allocates the second network IP address to that data source object node. The independent domain name resolution mechanism ensures, both physically and in mechanism, that the second network is absolutely independent of the first network.
As a further improvement, the authorization authentication that the data management server of the management platform performs on the application includes at least:
Authenticating the identity information of the application; and/or
Performing authorization on the content of the application's data request.
As a further improvement, the data management server is also configured to save the data authorization file of each data source object node; when it receives a data request from an application, it finds the data authorization file corresponding to the data source object node to which the requested data belongs and performs authorization authentication on the application according to that data authorization file. The data authorization file of each data source object node is set on the management platform by the owner of the data source object node. The data management server is only the executor of the data authorization file; it has no permission to set a data authorization file itself and cannot permit or forbid the transmission of data on its own authority. This effectively eliminates the possibility of a data leak originating inside the management platform, ensures that the data resource owner, and only the data resource owner, has permission to manage the transmission of the data resource, and effectively protects the rights and interests of the data source object node owner.
As a further improvement, the data management server is also configured, on receiving a data authorization file set by a data source object node owner, to request from the data source object node corresponding to that data authorization file the data authorization backup file it holds, and to compare the data authorization file with the received data authorization backup file; if they are consistent, it saves the data authorization file. Thus, even if the data authorization file is tampered with during transmission, this has no actual effect on the data, and the security of the data is effectively ensured.
As a further improvement, the data management server is also configured, on receiving a modified data authorization file from a data source object node owner, to request from the data source object node corresponding to the data authorization file to be modified the data transmission authorization rule backup file it holds, and to compare the received data authorization file with the data transmission authorization rule backup file; if they are consistent, it replaces the original with the modified data authorization file.
When an asset owner needs to modify the data authorization file of a data source object node it owns, it must, while sending the modified data authorization file to the industrial data management platform, store the modified data transmission authorization rule backup file on the data source object node. The data management server compares the received data authorization file with the data transmission authorization rule backup file on the data source object node and, if they are consistent, replaces the original with the modified data authorization file. Thus, even if a hacker attacks the industrial data management platform and tampers with a data authorization file, the tampered file cannot be saved: when the platform compares the tampered authorization rule file with the backup file on the data source object node, the flaw is discovered and the modification is refused. This effectively protects the data security of the data asset owner.
As a further improvement, the data management server is also configured, when the data source object node owner owns more than one data source object node, to request from all data source object nodes under that owner's name the data transmission authorization rule backup files they hold; the data authorization file to be saved or replaced is compared one by one with each received data transmission authorization rule backup file, and if the matching rate is greater than a preset value, the data authorization file is saved or replaced. This further increases the difficulty for a hacker of tampering with the data transmission rule backup files and strengthens the data security of the data asset owner.
As a further improvement, the management platform is also configured to verify the identity of the data source object node owner against the owner identity information set when the data source object node was registered, and to accept the owner's data authorization file for the data source object node after the owner's identity authentication has passed.
As a further improvement, the second network secure connection between the data source object node and the application is a unidirectional virtual dedicated connection from the data source object node to the application. Thus, even after a connection is established between an external application and a data source object node, the application can only obtain from the object node the data that has passed the authorization audit and cannot perform any operation on the data source object node, which protects the data source object nodes in the second network.
As a further improvement, the application may run on any of the following devices: a personal PC, a mobile terminal, a cloud platform, a central server, and so on.
As a further improvement, when the management platform sends the application's second network IP address and the content of the data request to the data source object node to which the requested data belongs, it also includes data transmission control information. The data transmission control information includes one of the following or any combination thereof: data transmission start time, data transmission duration, data transmission end time, type of data file transmitted, and type of connection to establish. The data source object node is instructed to establish the second network secure connection with the application within the range indicated by the transmission control information and to send the requested data to the application. Restricting the transmission time and transmission form in this way further prevents the data link from being cracked and misused by criminals.
As a further improvement, the data source object node has at least a data acquisition and storage function for obtaining and saving the various industrial data of industrial control equipment; the industrial data includes at least one of the following:
Industrial data generated during operation of the industrial control equipment, detection data obtained by monitoring the industrial control equipment, and so on.
Brief description of the drawings
Fig. 1 is a structural diagram of the industrial Internet of Things intelligent virtual private network system according to a preferred embodiment of the present invention.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the present invention clearer, the embodiments of the invention are explained in detail below with reference to the drawing. Those skilled in the art will understand, however, that many technical details are given in each embodiment so that the reader can better understand the application; the technical solutions claimed in the claims of this application can be realized even without these technical details and with various changes and modifications based on the following embodiments.
A preferred embodiment of the invention relates to an industrial Internet of Things intelligent virtual private network system which, as shown in Fig. 1, comprises:
A management platform, which has a first network IP address; each application establishes a communication connection with the management platform through the first network and sends data requests to the management platform;
The management platform is connected to each data source object node through a second network, and the management platform and each data source object node each have a second network IP address; the first network and the second network are independent of each other;
The management platform includes a data management server. When the management platform receives a data request from an application, the data management server performs authorization authentication on the application; if the application passes, it allocates a second network IP address to the application and sends the application's second network IP address and the content of the data request to the data source object node to which the requested data belongs, instructing that node to establish a second network secure connection with the application via the application's second network IP address and to send the requested data to the application.
Compared with the prior art, in the embodiments of the present invention data is stored directly on the local data source object node and is not uploaded to a data center, so the data remains in a dispersed, distributed state; this saves a large amount of data transmission and storage resources and makes it harder for outsiders to intrude and steal the data. Because the data source object nodes that store the data are distributed in a private second network that is completely isolated from the public first network, the security of the data is further ensured at the level of the hardware structure. Moreover, in this embodiment only the management platform has a first network IP address, and no data is saved on the management platform, so even if an external hacker intrudes into the management platform, no data can be obtained. The management platform is only responsible for auditing the permissions of the party requesting the data; once the audit has passed, a secure connection is established between the data requester and the data source object node, and the data is uploaded by the data source object node directly to the data requester that has passed the audit, so that transmission and storage resources are saved to the greatest extent while security is ensured.
As a further improvement, the first network is generally the public Internet, and the second network is generally the industrial Internet.
As a further improvement, the second network includes an independent domain name resolution server; when each data source object node registers with the management platform, the domain name resolution server allocates the second network IP address to that data source object node. The independent domain name resolution mechanism ensures, both physically and in mechanism, that the second network is absolutely independent of the first network.
As a further improvement, the authorization authentication that the data management server of the management platform performs on the application includes at least:
Authenticating the identity information of the application; and/or
Performing authorization on the content of the application's data request.
As a further improvement, the data management server is also configured to save the data authorization file of each data source object node; when it receives a data request from an application, it finds the data authorization file corresponding to the data source object node to which the requested data belongs and performs authorization authentication on the application according to that data authorization file. The data management server is only the executor of the data authorization file; it has no permission to set a data authorization file itself and cannot permit or forbid the transmission of data on its own authority. This effectively eliminates the possibility of a data leak originating inside the management platform and effectively protects the rights of the data source object node owner.
As a further improvement, the data authorization file of each data source object node is set on the management platform by the owner of the data source object node. This ensures that the data resource owner, and only the data resource owner, has permission to control the transmission of the data resource.
As a further improvement, the data management server is also configured, on receiving a data authorization file set by a data source object node owner, to request from the data source object node corresponding to that data authorization file the data authorization backup file it holds, and to compare the data authorization file with the received data authorization backup file; if they are consistent, it saves the data authorization file. Thus, even if the data authorization file is tampered with during transmission, this has no actual effect on the data, and the security of the data is effectively ensured.
As a further improvement, the data management server is also configured, on receiving a modified data authorization file from a data source object node owner, to request from the data source object node corresponding to the data authorization file to be modified the data transmission authorization rule backup file it holds, and to compare the received data authorization file with the data transmission authorization rule backup file; if they are consistent, it replaces the original with the modified data authorization file.
When an asset owner needs to modify the data authorization file of a data source object node it owns, it must, while sending the modified data authorization file to the industrial data management platform, store the modified data transmission authorization rule backup file on the data source object node. The data management server compares the received data authorization file with the data transmission authorization rule backup file on the data source object node and, if they are consistent, replaces the original with the modified data authorization file. Thus, even if a hacker attacks the industrial data management platform and tampers with a data authorization file, the tampered file cannot be saved: when the platform compares the tampered authorization rule file with the backup file on the data source object node, the flaw is discovered and the modification is refused. This effectively protects the data security of the data asset owner.
As a further improvement, the data management server is also configured, when the data source object node owner owns more than one data source object node, to request from all data source object nodes under that owner's name the data transmission authorization rule backup files they hold; the data authorization file to be saved or replaced is compared one by one with each received data transmission authorization rule backup file, and if the matching rate is greater than a preset value, the data authorization file is saved or replaced. This further increases the difficulty for a hacker of tampering with the data transmission rule backup files and strengthens the data security of the data asset owner.
As a further improvement, the management platform is also configured to verify the identity of the data source object node owner against the owner identity information set when the data source object node was registered and, after the owner's identity authentication has passed, to accept the owner's data authorization file and save it or replace the original with it.
As a further improvement, the second network secure connection between the data source object node and the application is a unidirectional virtual dedicated connection from the data source object node to the application. Thus, even after a connection is established between an external application and a data source object node, the application can only obtain from the object node the data that has passed the authorization audit and cannot perform any operation on the data source object node, which protects the data source object nodes in the second network.
As a further improvement, the application may run on any of the following devices: a personal PC, a mobile terminal, a cloud platform, a central server, and so on.
As a further improvement, when the management platform sends the application's second network IP address and the content of the data request to the data source object node to which the requested data belongs, it also includes data transmission control information. The data transmission control information includes one of the following or any combination thereof: data transmission start time, data transmission duration, data transmission end time, type of data file transmitted, and type of connection to establish. The data source object node is instructed to establish the second network secure connection with the application within the range indicated by the transmission control information and to send the requested data to the application. Restricting the transmission time and transmission form in this way further prevents the data link from being cracked and misused by criminals.
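The authorization-file check against node-held backups and the brokering of a data request with transmission control information, both described above, sketched as an added example; it is not code from the patent or from the applicant. The policy layout, the `10.8.0.0/29` second-network address pool, the 0.5 match-rate threshold and all class, field and function names are assumptions, and owner identity authentication is taken as already done.

```python
import hashlib
import hmac
import ipaddress
import json
from dataclasses import dataclass, field
from typing import Dict, Iterator, Optional


def digest(policy: dict) -> bytes:
    """SHA-256 over canonical JSON, so key order cannot cause a false mismatch."""
    blob = json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).digest()


@dataclass
class Node:
    """Data source object node; keeps the owner's backup copies locally."""
    node_id: str
    owner: str
    # target node id -> backup of that node's authorization file (assumed layout)
    backups: Dict[str, dict] = field(default_factory=dict)


@dataclass
class DataManagementServer:
    nodes: Dict[str, Node]
    app_secrets: Dict[str, str]            # registered application credentials
    threshold: float = 0.5                 # preset match-rate value (assumed)
    policies: Dict[str, dict] = field(default_factory=dict)
    pool: Iterator = field(               # second-network addresses (assumed range)
        default_factory=lambda: ipaddress.ip_network("10.8.0.0/29").hosts())

    def set_policy(self, owner: str, node_id: str, submitted: dict) -> bool:
        """Save or replace an authorization file only if the node backups agree."""
        target = self.nodes.get(node_id)
        if target is None or target.owner != owner:
            return False
        owned = [n for n in self.nodes.values() if n.owner == owner]
        want = digest(submitted)
        # A node that holds no backup (unreachable, wiped) counts as a mismatch.
        hits = sum(
            1 for n in owned
            if node_id in n.backups
            and hmac.compare_digest(digest(n.backups[node_id]), want)
        )
        if len(owned) == 1:
            ok = hits == 1                 # single node: files must be consistent
        else:
            ok = hits / len(owned) > self.threshold   # strictly greater than preset
        if ok:
            self.policies[node_id] = submitted
        return ok

    def handle_request(self, app_id: str, secret: str, node_id: str,
                       item: str, now: int) -> Optional[dict]:
        """Return the instruction sent to the node, or None if the request is denied."""
        known = self.app_secrets.get(app_id)
        if known is None or not hmac.compare_digest(known.encode(), secret.encode()):
            return None                    # identity authentication failed
        policy = self.policies.get(node_id)
        if policy is None or item not in policy.get("allow", {}).get(app_id, []):
            return None                    # request content not authorized
        addr = next(self.pool, None)       # allocated only after both checks pass
        if addr is None:
            return None                    # address pool exhausted
        return {
            "node": node_id, "app_ip": str(addr), "item": item,
            "control": {"start": now, "duration": policy["max_seconds"],
                        "end": now + policy["max_seconds"],
                        "direction": "node->app"},   # unidirectional connection
        }


if __name__ == "__main__":
    # Constructed sample: one owner, three nodes, each holding a backup for n1.
    good = {"allow": {"app-1": ["pressure"]}, "max_seconds": 60}
    nodes = {i: Node(i, "acme", {"n1": dict(good)}) for i in ("n1", "n2", "n3")}
    srv = DataManagementServer(nodes=nodes, app_secrets={"app-1": "s3cret"})
    print(srv.set_policy("acme", "n1", good))
    print(srv.handle_request("app-1", "s3cret", "n1", "pressure", 1000))
```

The server never touches the node's data: it only decides, allocates an address and forwards the instruction, which is why a tampered authorization file is the interesting target and why the backup comparison sits in front of every save or replace.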
As a further improvement, the data source object node has at least a data acquisition and storage function for obtaining and saving the various industrial data of industrial control equipment; the industrial data includes at least one of the following:
Industrial data generated during operation of the industrial control equipment, detection data obtained by monitoring the industrial control equipment, and so on.
Those skilled in the art will understand that the above embodiments are specific embodiments for realizing the present invention, and that in practical applications various changes in form and detail may be made to them without departing from the spirit and scope of the present invention.

Claims (12)

1. An industrial Internet of Things intelligent virtual private network system, characterized by comprising:
A management platform, which has a first network IP address; each application establishes a communication connection with the management platform through the first network and sends data requests to the management platform;
The management platform is connected to each data source object node through a second network, and the management platform and each data source object node each have a second network IP address; the first network and the second network are independent of each other;
The management platform includes a data management server; when the management platform receives a data request from an application, the data management server performs authorization authentication on the application and, if the application passes, allocates a second network IP address to the application and sends the application's second network IP address and the content of the data request to the data source object node to which the requested data belongs, instructing that data source object node to establish a second network secure connection with the application via the application's second network IP address and to send the requested data to the application.
2. The industrial Internet of Things intelligent virtual private network system according to claim 1, characterized in that the first network is the public Internet and the second network is the industrial Internet.
3. The industrial Internet of Things intelligent virtual private network system according to claim 1, characterized in that the second network includes an independent domain name resolution server, and when each data source object node registers with the management platform, the domain name resolution server allocates the second network IP address to that data source object node.
4. The industrial Internet of Things intelligent virtual private network system according to claim 1, characterized in that the authorization authentication that the data management server of the management platform performs on the application includes at least:
Authenticating the identity information of the application; and/or
Performing authorization on the content of the application's data request.
5. The industrial Internet of Things intelligent virtual private network system according to claim 1, characterized in that the data management server is also configured to save the data authorization file of each data source object node and, on receiving a data request from an application, to find the data authorization file corresponding to the data source object node to which the requested data belongs and perform authorization authentication on the application according to that data authorization file; the data authorization file of each data source object node is set on the management platform by the owner of the data source object node.
6. The industrial Internet of Things intelligent virtual private network system according to claim 5, characterized in that the data management server is also configured, on receiving a data authorization file set by a data source object node owner, to request from the data source object node corresponding to the data authorization file the data authorization backup file it holds, and to compare the data authorization file with the received data authorization backup file; if they are consistent, the data authorization file is saved.
7. The industrial Internet of Things intelligent virtual private network system according to claim 6, characterized in that the data management server is also configured, on receiving a modified data authorization file from a data source object node owner, to request from the data source object node corresponding to the data authorization file to be modified the data transmission authorization rule backup file it holds, and to compare the received data authorization file with the data transmission authorization rule backup file; if they are consistent, the original is replaced with the modified data authorization file.
8. The industrial Internet of Things intelligent virtual private network system according to claim 7, characterized in that the data management server is also configured, when the data source object node owner owns more than one data source object node, to request from all data source object nodes under that owner's name the data transmission authorization rule backup files they hold; the data authorization file to be saved or replaced is compared one by one with each received data transmission authorization rule backup file, and if the matching rate is greater than a preset value, the data authorization file is saved or replaced.
9. The industrial Internet of Things intelligent virtual private network system according to claim 5, characterized in that the management platform is also configured to verify the identity of the data source object node owner against the owner identity information set when the data source object node was registered and, after the owner's identity authentication has passed, to accept the owner's data authorization file for the data source object node.
10. The industrial Internet of Things intelligent virtual private network system according to claim 1, characterized in that the second network secure connection between the data source object node and the application is a unidirectional virtual dedicated connection from the data source object node to the application.
11. industry Internet of Things intelligent virtual private network system according to claim 1, which is characterized in that the management platform will When the second network ip address and content data request of the application are sent to requested date affiliated data source object node, also wrap Information is managed containing data set transmissions;The data transmission control information includes following one or any combination thereof: data are transmitted Time beginning, the data transfer ends time, document data transfer type, establishes connection type at data transmission period length;Instruction institute The second network security connection that data source object node is established in the transmission control information indicating range between the application is stated, Requested data are sent to the application.
12. industry Internet of Things intelligent virtual private network system according to claim 1, which is characterized in that the data source object section Point includes at least data and acquires and save function, for obtaining and saving industrial control equipment items industrial data information, the industry Data information includes at least following one:
Testing number that the industrial data information that generates in the industrial control equipment operational process, the monitoring industrial control equipment obtain it is believed that Breath;
The application comes from following equipment: personal PC, mobile terminal, cloud platform or central server.
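The grant-file checks of claims 5 to 8, sketched as an added example that is not code from the patent or its applicant. The SHA-256 comparison, the JSON layout of the data grant file, the 0.5 preset value and all class, function and node names are assumptions made for illustration.

```python
import hashlib
import hmac
import json


def _digest(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()


def matching_rate(submitted: bytes, backups: list) -> float:
    """Fraction of node-held backup copies byte-identical to the submitted file."""
    if not backups:
        return 0.0  # no node returned a backup, so nothing vouches for the file
    want = _digest(submitted)
    return sum(hmac.compare_digest(want, _digest(b)) for b in backups) / len(backups)


class DataManagementServer:
    def __init__(self, preset_rate: float = 0.5):
        self.preset_rate = preset_rate  # claim 8 "preset value"; 0.5 is an assumption
        self.grants = {}                # node_id -> accepted data grant file (bytes)

    def submit_grant(self, node_id: str, submitted: bytes, backups: dict) -> bool:
        """backups maps node_id -> backup copy requested from each of the owner's nodes."""
        rate = matching_rate(submitted, list(backups.values()))
        if len(backups) <= 1:
            ok = rate == 1.0              # claims 6 and 7: must be consistent
        else:
            ok = rate > self.preset_rate  # claim 8: matching rate above preset value
        if ok:
            self.grants[node_id] = submitted  # save, or replace the original
        return ok

    def authorize(self, node_id: str, app_id: str, item: str) -> bool:
        """Claim 5: decide from the grant file of the node that owns the data."""
        raw = self.grants.get(node_id)
        if raw is None:
            return False  # fail closed: no accepted grant file, no access
        policy = json.loads(raw)  # assumed layout: {"<app id>": ["<data item>", ...]}
        return item in policy.get(app_id, [])


# Constructed sample grant files (not from the patent).
GRANT = json.dumps({"app-7": ["temperature"]}).encode()
TAMPERED = json.dumps({"app-7": ["temperature"], "app-9": ["temperature"]}).encode()
```

A grant file that reaches the platform without a matching copy on the owner's nodes is rejected, so a change made only at the management platform does not widen access.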
CN201810179579.0A 2018-03-05 2018-03-05 Intelligent virtual private network system for industrial Internet of things Active CN110233814B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202210378720.6A CN114978583A (en) 2018-03-05 2018-03-05 Intelligent virtual private network system for industrial Internet of things
CN201810179579.0A CN110233814B (en) 2018-03-05 2018-03-05 Intelligent virtual private network system for industrial Internet of things

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810179579.0A CN110233814B (en) 2018-03-05 2018-03-05 Intelligent virtual private network system for industrial Internet of things

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202210378720.6A Division CN114978583A (en) 2018-03-05 2018-03-05 Intelligent virtual private network system for industrial Internet of things

Publications (2)

Publication Number Publication Date
CN110233814A true CN110233814A (en) 2019-09-13
CN110233814B CN110233814B (en) 2022-05-17

Family

ID=67861658

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201810179579.0A Active CN110233814B (en) 2018-03-05 2018-03-05 Intelligent virtual private network system for industrial Internet of things
CN202210378720.6A Pending CN114978583A (en) 2018-03-05 2018-03-05 Intelligent virtual private network system for industrial Internet of things

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN202210378720.6A Pending CN114978583A (en) 2018-03-05 2018-03-05 Intelligent virtual private network system for industrial Internet of things

Country Status (1)

Country Link
CN (2) CN110233814B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101478398A (en) * 2009-01-07 2009-07-08 中国人民解放军信息工程大学 Authorization management system oriented to resource management and establishing method
CN102487383A (en) * 2010-12-02 2012-06-06 上海可鲁系统软件有限公司 Industrial internet distributed system safety access control device
CN103119907A (en) * 2010-07-21 2013-05-22 思杰系统有限公司 Systems and methods for providing a smart group
US20130191907A1 (en) * 2010-09-30 2013-07-25 Siemens Aktiengesellschaft Method and System for Secure Data Transmission with a VPN Box
CN107005547A (en) * 2014-09-30 2017-08-01 思杰系统有限公司 For the system and method for the single-sign-on that the remote desktop session for client computer is performed by middle device
CN107078936A (en) * 2014-08-19 2017-08-18 思杰系统有限公司 For the system and method for the fine granularity control for providing the MSS values connected to transport layer

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8259597B1 (en) * 2006-08-16 2012-09-04 Bally Gaming, Inc. System for managing IP addresses in a network gaming environment
CN104767715B (en) * 2014-01-03 2018-06-26 华为技术有限公司 Access control method and equipment
CN105871950A (en) * 2015-01-21 2016-08-17 上海可鲁系统软件有限公司 Method and system for managing industrial internet of things automatic access and data authorization
CN107231336A (en) * 2016-03-25 2017-10-03 中兴通讯股份有限公司 A kind of access control method, device and the gateway device of LAN Intranet resource
CN107426339B (en) * 2017-09-04 2020-05-26 珠海迈越信息技术有限公司 Access method, device and system of data connection channel

Also Published As

Publication number Publication date
CN110233814B (en) 2022-05-17
CN114978583A (en) 2022-08-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 201203 403d, building 5, No. 3000, Longdong Avenue, Pudong New Area, Shanghai

Applicant after: Shanghai Kelu Software Co.,Ltd.

Address before: 201203 Shanghai city Pudong New Area road 887 Lane 82 Zuchongzhi Building No. two North

Applicant before: Shanghai Kelu Software Co.,Ltd.

GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20231106

Address after: 201203 north, 2nd floor, No.82, Lane 887, Zuchongzhi Road, Pudong New Area, Shanghai

Patentee after: Shanghai Kelu Software Co.,Ltd.

Patentee after: Shanghai Left Bank Investment Management Co.,Ltd.

Address before: 201203 403D 5, 3000 Longdong Avenue, Pudong New Area, Shanghai.

Patentee before: Shanghai Kelu Software Co.,Ltd.