CN110365701A - The management method of customer terminal equipment, calculates equipment and storage medium at device - Google Patents

The management method of customer terminal equipment, calculates equipment and storage medium at device Download PDF

Info

Publication number
CN110365701A
CN110365701A CN201910694060.0A CN201910694060A CN110365701A CN 110365701 A CN110365701 A CN 110365701A CN 201910694060 A CN201910694060 A CN 201910694060A CN 110365701 A CN110365701 A CN 110365701A
Authority
CN
China
Prior art keywords
terminal equipment
subscriber terminal
token
port
mapped port
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910694060.0A
Other languages
Chinese (zh)
Other versions
CN110365701B (en
Inventor
王华涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cloudminds Shanghai Robotics Co Ltd
Original Assignee
Cloudminds Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cloudminds Inc filed Critical Cloudminds Inc
Priority to CN201910694060.0A priority Critical patent/CN110365701B/en
Publication of CN110365701A publication Critical patent/CN110365701A/en
Application granted granted Critical
Publication of CN110365701B publication Critical patent/CN110365701B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Computer And Data Communications (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present embodiments relate to fields of communication technology, and management method, device, calculating equipment and storage medium, the method for disclosing a kind of customer terminal equipment include: to be authenticated according to the sequence number and physical address of subscriber terminal equipment to subscriber terminal equipment;When passing through certification, the port numbers and token of the external mapped port of subscriber terminal equipment are obtained according to current time stamp, sequence number and physical address, and are sent to subscriber terminal equipment;It receives the token of the slave subscriber terminal equipment acquisition of subscriber terminal equipment management server transmission and is verified;When token passes through verifying, return with the security strategy of token matched to subscriber terminal equipment management server to be associated with according to mapped port of the security strategy to subscriber terminal equipment management server with the foundation of the external mapped port of subscriber terminal equipment.By the above-mentioned means, the embodiment of the present invention can dynamically load security strategy by dynamic serve port to improve the safety of cpe device management.

Description

The management method of customer terminal equipment, calculates equipment and storage medium at device
Technical field
The present embodiments relate to fields of communication technology, and in particular to a kind of management method of customer terminal equipment, device, Calculate equipment and storage medium.
Background technique
In current network, customer terminal equipment (Customer Premise Equipment, CPE) has been obtained extensively Use.With the raising of device intelligence degree, CPE, which can not have to user intervention, just can be carried out configuration and upgrading, here it is The zero contact deployment often said.But when the contact deployment of Yao Shixian zero, need to be pre-configured some information in advance into CPE, and And many times, CPE is deployed in intranet environment, is just needed the management of CPE using Intranet through-transmission technique, by CPE's Some serve ports, which are opened to, to be come, and stringent limitation access connection.
In traditional Intranet penetrating method, the serve port that an Intranet equipment externally maps be it is constant, on public network Mapping server the connection of the equipment of Intranet is also only simply authenticated, be managed there is no corresponding strategy.
Summary of the invention
In view of the above problems, the embodiment of the invention provides a kind of management method of customer terminal equipment, mobile device, meters Equipment and storage medium are calculated, the above problem is overcome or at least has been partially solved the above problem.
According to an aspect of an embodiment of the present invention, a kind of management method of customer terminal equipment, the method are provided It include: to be authenticated according to the sequence number and physical address of subscriber terminal equipment to the subscriber terminal equipment;In the user When terminal device passes through certification, the user terminal is obtained according to current time stamp, the sequence number and the physical address The port numbers and token of the external mapped port of equipment, and it is sent to the subscriber terminal equipment;Receive subscriber terminal equipment pipe The token of reason server transport obtained from the subscriber terminal equipment is simultaneously verified;Pass through verifying in the token When, Xiang Suoshu subscriber terminal equipment management server returns to the security strategy with the token matched according to the security strategy The mapped port of the subscriber terminal equipment management server and the external mapped port of the subscriber terminal equipment are built Vertical association.
In a kind of optional mode, it is described when the subscriber terminal equipment passes through certification according to current time stamp, institute State sequence number and the physical address obtain the subscriber terminal equipment external mapped port port numbers and token, packet It includes: the character string of the current time stamp, the sequence number and the physical address is attached;According to the institute after connection State port numbers and token that character string obtains the external mapped port of the subscriber terminal equipment.
In a kind of optional mode, the character string according to after connection obtains the institute of the subscriber terminal equipment State the port numbers and token of external mapped port, comprising: the character string application hash algorithm after connection is obtained into the first number Word;First number is subjected to complementation with preset number, the digital institute for the subscriber terminal equipment of second obtained State the port numbers of external mapped port;The character string after connection is encoded to obtain the subscriber terminal equipment and described The token of subscriber terminal equipment management server.
Other side according to an embodiment of the present invention provides a kind of management method of customer terminal equipment, the side Method includes: to obtain the connection that subscriber terminal equipment is sent to establish request, and it includes the user terminal in request that the connection, which is established, The port numbers and token of the external mapped port of equipment;It responds the connection and establishes request, and the token is sent to user Terminal equipment control is to be verified;Obtain the safety with the token matched that the subscriber terminal equipment controller returns Strategy;Mapped port is associated with the external mapped port foundation of the subscriber terminal equipment according to the security strategy.
In a kind of optional mode, it is described according to the security strategy to mapped port and the subscriber terminal equipment The external mapped port establishes association, comprising: judges whether the external mapped port of the subscriber terminal equipment meets The security strategy;If meeting the security strategy, to the described right of the mapped port and the subscriber terminal equipment Outer mapped port establishes association;If not meeting the security strategy, the connection with the subscriber terminal equipment is disconnected.
In a kind of optional mode, it is described according to the security strategy to mapped port and the subscriber terminal equipment The external mapped port is established after association, the method also includes: the institute for needing to manage by mapped port connection State subscriber terminal equipment;The configuration of the subscriber terminal equipment is checked or modified by the mapped port.
Another aspect according to an embodiment of the present invention provides a kind of managing device of customer terminal equipment, the client The managing device of terminal device includes: authentication unit, for the sequence number and physical address according to subscriber terminal equipment to described Subscriber terminal equipment is authenticated;Token generation unit, for when the subscriber terminal equipment passes through certification, according to it is current when Between stamp, the sequence number and the physical address obtain the subscriber terminal equipment external mapped port port numbers and order Board, and it is sent to the subscriber terminal equipment;Token authentication unit, for receiving the transmission of subscriber terminal equipment management server From the subscriber terminal equipment obtain the token and verified;Strategy matching unit is tested for passing through in the token When card, Xiang Suoshu subscriber terminal equipment management server returns to the security strategy with the token matched according to the safe plan Slightly to the external mapped port of the mapped port of the subscriber terminal equipment management server and the subscriber terminal equipment Establish association.
Another aspect according to an embodiment of the present invention provides a kind of managing device of customer terminal equipment, the client The managing device of terminal device includes: request unit, and request, institute are established in the connection for obtaining subscriber terminal equipment transmission State the port numbers and token of the external mapped port that connection is established in request including the subscriber terminal equipment;Request response is single Member establishes request for responding the connection, and the token is sent to the user terminal device controller to verify;Plan Slightly acquiring unit, the security strategy with the token matched returned for obtaining the subscriber terminal equipment controller;Association Unit is established, for building according to the security strategy to mapped port and the external mapped port of the subscriber terminal equipment Vertical association.
Another aspect according to an embodiment of the present invention provides a kind of calculating equipment, comprising: processor, memory, communication Interface and communication bus, the processor, the memory and the communication interface are completed mutual by the communication bus Communication;
For the memory for storing an at least executable instruction, it is above-mentioned that the executable instruction executes the processor The step of management method of customer terminal equipment.
Another aspect according to an embodiment of the present invention provides a kind of computer storage medium, deposits in the storage medium Contain an at least executable instruction, the executable instruction makes the processor execute the management method of above-mentioned customer terminal equipment The step of.
The management method of the customer terminal equipment of the embodiment of the present invention includes;According to the sequence number and object of subscriber terminal equipment Reason address authenticates the subscriber terminal equipment;When the subscriber terminal equipment passes through certification, according to current time stamp, The sequence number and the physical address obtain the port numbers and token of the external mapped port of the subscriber terminal equipment, and It is sent to the subscriber terminal equipment;Receive obtaining from the subscriber terminal equipment for subscriber terminal equipment management server transmission The token and verified;When the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server return with The security strategy of the token matched is with the mapping end according to the security strategy to the subscriber terminal equipment management server Mouth is associated with the external mapped port foundation of the subscriber terminal equipment, can be by dynamic serve port, dynamically Security strategy is loaded to improve the safety of cpe device management.
Above description is only the general introduction of technical solution of the embodiment of the present invention, in order to better understand the embodiment of the present invention Technological means, and can be implemented in accordance with the contents of the specification, and in order to allow above and other mesh of the embodiment of the present invention , feature and advantage can be more clearly understood, the followings are specific embodiments of the present invention.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the present invention Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows the structural schematic diagram of the management system of customer terminal equipment provided in an embodiment of the present invention;
Fig. 2 shows the flow diagrams of the management method of customer terminal equipment provided in an embodiment of the present invention;
Fig. 3 shows the flow diagram of the management method of another customer terminal equipment provided in an embodiment of the present invention;
Fig. 4 shows the structural schematic diagram of the managing device of customer terminal equipment provided in an embodiment of the present invention;
Fig. 5 shows the structural schematic diagram of the managing device of another customer terminal equipment provided in an embodiment of the present invention;
Fig. 6 shows the structural schematic diagram provided in an embodiment of the present invention for calculating equipment;
Fig. 7 shows another structural schematic diagram for calculating equipment provided in an embodiment of the present invention.
Specific embodiment
The exemplary embodiment that the present invention will be described in more detail below with reference to accompanying drawings.Although showing the present invention in attached drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the present invention without should be by embodiments set forth here It is limited.It is to be able to thoroughly understand the present invention on the contrary, providing these embodiments, and can be by the scope of the present invention It is fully disclosed to those skilled in the art.
Fig. 1 shows the structural schematic diagram of the management system of customer terminal equipment provided in an embodiment of the present invention, such as Fig. 1 institute Show, the management system of customer terminal equipment include: subscriber terminal equipment (CPE) 10, subscriber terminal equipment management server 20 with And subscriber terminal equipment controller 30.Subscriber terminal equipment 10 is located in Intranet, wherein being equipped with snap back agency (Fast Reverse Proxy, frp) client software, it is pre-configured the information such as domain name, external mapped port of frp server-side and soft Part defines the information of boundary (Softw are Defined Perimeter, SDP) controller.Subscriber terminal equipment management service Device 20 and subscriber terminal equipment controller 30 are located in public network, and subscriber terminal equipment management server 20 is equipped with frp service Software is held, the information of SDP controller is pre-configured.Between subscriber terminal equipment 10 and subscriber terminal equipment controller 30, Yi Jiyong Family terminal equipment control 30 and subscriber terminal equipment management server 20 are provided with control channel with transmission of control signals, user Control channel and data channel are provided between terminal device 10 and subscriber terminal equipment management server 20 to transmit control respectively Signal and data information processed.
The architecture on software definition boundary (Softw are Defined Perimeter, SDP) consists of two parts: SDP host and SDP controller.SDP host can star connection or receive connection, pass through the friendship of control channel and SDP controller Mutually manage.In the boundary of software definition, controls plane and bigger retractility may be implemented in data planar separation.SDP control Device processed can be authenticated and be authorized, and SDP host may be coupled to SDP controller and carry out authentication, and be taken from SDP controller The list information of business host, SDP receives host and SDP host is communicated, and communicates with SDP controller, obtains service strategy.
Frp is that the Intranet of open source penetrates software, and the transmission control protocol (Transmission of Intranet and outer net may be implemented Control Protocol, TCP), the network connection of User Datagram Protocol (User Datagram Protocol, UDP), lead to The outer net port for crossing frp server-side may map to the internal services port of frp client, so as to by internal safety The services such as shell agreement (Secure Shell, SSH), web are supplied to outside access.The embodiment of the present invention according to the characteristics of SDP and CPE needs to penetrate the demand of Intranet, and the two is combined, and the safety of the external mapped port of CPE can be improved.
In embodiments of the present invention, subscriber terminal equipment (CPE) 10, subscriber terminal equipment management server 20 and user Terminal equipment control 30 may include such as mobile phone, tablet computer, laptop, palm PC, personal digital assistant (Personal Digital Assistant, PDA), portable media player (Portable Media Player, PMP), The mobile terminals such as navigation device, wearable device, Intelligent bracelet, pedometer also may include the fixed terminals such as personal computer.
In embodiments of the present invention, subscriber terminal equipment 10 is by the network interface card media of its sequence number and Ethernet (ethernet) Access control (Media Access Control, MAC), i.e. physical address, be sent to subscriber terminal equipment controller 30 into Row certification.When subscriber terminal equipment 10 passes through certification, subscriber terminal equipment controller 30 certification by when current time stamp, should The sequence number of CPE 10, this several information of MAC Address of Network Card character string be attached, by after connection character string use BKDRHash method carries out Hash operation, and the obtain after Hash operation first number and preset number are carried out complementation, taken Port numbers of the second number obtained after remaining operation as the external mapped port of the CPE 10, wherein externally mapped port is The port of the 10 external mapping network (WEB) of CPE service.By certification by when current time stamp, the sequence of the CPE 10 Number, the character string of this several information of MAC Address of Network Card connect, MD5 coding is done to the character string after connection, MD5 is encoded Token (token) as CPE and CPE management server.Subscriber terminal equipment controller 30 will return to externally reflecting for CPE 10 Penetrate port port numbers and token to CPE 10 frp client;And the port numbers of external mapped port and token are carried out Record.The certification of CPE 10 does not pass through, and subscriber terminal equipment controller 30 will return to the information of 10 mistake of CPE.
CPE 10 requests connection subscriber terminal equipment management server 20, by the port numbers of token and external mapped port It is sent to subscriber terminal equipment management server 20.After subscriber terminal equipment management server 20 receives request, token is sent out Subscriber terminal equipment controller 30 is sent to be verified.Subscriber terminal equipment controller 30 is verified after token passes through, will and this The matched security strategy rule of token returns to subscriber terminal equipment management server 20, if token authentication failed, will return Authentication failed is returned, is disconnected.
Subscriber terminal equipment management server 20 receives the sound that token is verified from subscriber terminal equipment controller 30 Ying Hou, reception and the matched security strategy of the token, first determine whether the public network outlet ip of CPE 10, i.e., external mapped port is It is no to meet security strategy, if do not met, it will be switched off the connection with CPE 10.If meeting security strategy, will be built with CPE 10 Vertical secure tunnel, and the mapped port of subscriber terminal equipment management server 20 and the external mapped port of CPE 10 are established and closed Connection, penetrates to realize Intranet.
User accesses the mapped port of subscriber terminal equipment management server 20, is connected to by browser to be managed In CPE 10, the configuration of CPE 10 is checked or modified, to realize the management to the CPE 10 of Intranet.As CPE 10 When connection network between subscriber terminal equipment management server 20 disconnects, needs to repeat abovementioned steps and obtain the new of CPE 10 External mapped port the safety of external mapped port is ensured, to improve by using dynamic external mapped port The safety of 10 equipment management of CPE.
Fig. 2 shows the flow diagram of the management method of customer terminal equipment provided in an embodiment of the present invention, this method Applied to subscriber terminal equipment controller 30 above-mentioned.As shown in Fig. 2, the management method of customer terminal equipment includes:
Step S11: the subscriber terminal equipment is authenticated according to the sequence number of subscriber terminal equipment and physical address.
After the certification of subscriber terminal equipment passes through, subsequent step S12 is executed.If the certification of subscriber terminal equipment is not led to It crosses, then returns to the message of CPE mistake to subscriber terminal equipment.
Step S12: when the subscriber terminal equipment passes through certification, according to current time stamp, the sequence number and institute Port numbers and token that physical address obtains the external mapped port of the subscriber terminal equipment are stated, and it is whole to be sent to the user End equipment.
The current time stamp, the sequence number when the subscriber terminal equipment passes through certification, when will pass through certification And the character string of the physical address is attached;The subscriber terminal equipment is obtained according to the character string after connection The port numbers and token of the external mapped port.Specifically, the character string application hash algorithm after connection is obtained One number;First number is subjected to complementation with preset number, the second obtained number is the subscriber terminal equipment The external mapped port port numbers;By the character string after connection encoded to obtain the subscriber terminal equipment and The token of the subscriber terminal equipment management server.
In embodiments of the present invention, Hash operation is carried out using BKDRHash method according to the character string after connection, Obtain after Hash operation first number and preset number are subjected to complementation;The second number obtained after remainder is i.e. as use The port numbers of the external mapped port of family terminal device.Wherein, the external mapped port of subscriber terminal equipment is user terminal The port of the external mapping WEB service of equipment.The Hash operation method of the embodiment of the present invention is not limited to BKDRHash method, when So it is also possible to other Hash operation methods;Similarly, preset number can be the number that user is set as needed, such as 10086, herein all with no restriction.MD5 coding is done to the character string after connection, regard MD5 coding as subscriber terminal equipment and institute State the token (token) of subscriber terminal equipment management server.In other embodiments of the invention, after can also be to connection Character string does other codings, herein also with no restriction.
After obtaining port numbers and the token of the external mapped port of subscriber terminal equipment, by the end of the external mapped port Slogan and token are sent to the subscriber terminal equipment, and the port numbers and token that will record the external mapped port.
Step S13: receive subscriber terminal equipment management server transmission from the subscriber terminal equipment obtain described in Token is simultaneously verified.
Subscriber terminal equipment receive the external mapped port port numbers and token after be sent to subscriber terminal equipment pipe Server is managed to request to establish connection with subscriber terminal equipment management server.In step S13, received is subscriber terminal equipment The token that management server is sended over from the subscriber terminal equipment, and the token is verified.
Step S14: when the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server is returned and the order The matched security strategy of board with according to the security strategy to the subscriber terminal equipment management server mapped port and institute The external mapped port for stating subscriber terminal equipment establishes association.
When token passes through verifying, the security strategy with the token matched is back to subscriber terminal equipment management service Device.Subscriber terminal equipment management server is when the external serve port of subscriber terminal equipment meets the security strategy to the use The mapped port of family terminal unit management server is associated with the external mapped port foundation of the subscriber terminal equipment, real Existing Intranet penetrates, and then the management to subscriber terminal equipment may be implemented, and improves the safety of cpe device management.User terminal Device management server is disconnected when the external serve port of subscriber terminal equipment does not meet the security strategy and user terminal is set Standby connection.
In embodiments of the present invention, when token is unverified, by return authentication failed as a result, disconnecting whole with user The connection of end equipment management server.
When the connection network between subscriber terminal equipment management server and subscriber terminal equipment disconnects, need to repeat to walk Rapid S11-S14, the new external mapped port of dynamic acquisition subscriber terminal equipment, ensures the external mapping end of subscriber terminal equipment The safety of mouth dynamically loads security strategy, to improve the peace of cpe device management by dynamic external mapped port Quan Xing.
The management method of the customer terminal equipment of the embodiment of the present invention includes;According to the sequence number and object of subscriber terminal equipment Reason address authenticates the subscriber terminal equipment;When the subscriber terminal equipment passes through certification, according to current time stamp, The sequence number and the physical address obtain the port numbers and token of the external mapped port of the subscriber terminal equipment, and It is sent to the subscriber terminal equipment;Receive obtaining from the subscriber terminal equipment for subscriber terminal equipment management server transmission The token and verified;When the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server return with The security strategy of the token matched is with the mapping end according to the security strategy to the subscriber terminal equipment management server Mouth is associated with the external mapped port foundation of the subscriber terminal equipment, can be by dynamic serve port, dynamically Security strategy is loaded to improve the safety of cpe device management.
Fig. 3 shows the flow diagram of the management method of customer terminal equipment provided in an embodiment of the present invention, this method Applied to subscriber terminal equipment management server 20 above-mentioned.As shown in figure 3, the management method of customer terminal equipment includes:
Step S21: it obtains the connection that subscriber terminal equipment is sent and establishes request, it includes described that the connection, which is established in request, The port numbers and token of the external mapped port of subscriber terminal equipment.
Before step S21, sequence number and physical address are sent to the user terminal device controller by customer terminal equipment, Subscriber terminal equipment controller authenticates the subscriber terminal equipment, and certification by when generate subscriber terminal equipment pair The port numbers and token of outer mapped port.In the step s 21, receive customer terminal equipment transmission includes the external mapped port Port numbers and token connection establish request.
Step S22: the response connection, which is established, requests, and by the token be sent to the user terminal device controller with into Row verifying.
Token is sent to the user terminal device controller, and by subscriber terminal equipment controller to received token into Row verifying.
Step S23: the security strategy with the token matched that the subscriber terminal equipment controller returns is obtained.
When the token authentication passes through, subscriber terminal equipment controller returns to the security strategy with the token matched.At this When token authentication does not pass through, subscriber terminal equipment controller return authentication failed as a result, and disconnecting.
Step S24: according to the security strategy to the external mapping end of mapped port and the subscriber terminal equipment Mouth establishes association.
In step s 24, judge whether the external mapped port of the subscriber terminal equipment meets the safe plan Slightly;If meeting the security strategy, to the external mapped port of the mapped port and the subscriber terminal equipment Establish association;If not meeting the security strategy, the connection with the subscriber terminal equipment is disconnected.
After mapped port is associated with the external mapped port foundation of subscriber terminal equipment, the mapping can be passed through The subscriber terminal equipment that port connection needs to manage;By the mapped port to the configuration of the subscriber terminal equipment into Row is checked or is modified, to realize the management to the subscriber terminal equipment of Intranet.When the connection between subscriber terminal equipment It when network disconnects, needs to repeat step S21-S24, using the new external mapped port of subscriber terminal equipment, ensures that user is whole The safety of the external mapped port of end equipment dynamically loads security strategy, to mention by dynamic external mapped port The safety of high cpe device management.
The management method of the customer terminal equipment of the embodiment of the present invention includes;The connection that subscriber terminal equipment is sent is obtained to build It is vertical to request, it include the port numbers and token of the external mapped port of the subscriber terminal equipment in the connection foundation request;It rings It answers the connection to establish request, and the token is sent to the user terminal device controller to verify;Obtain the use The security strategy with the token matched that family terminal equipment control returns;According to the security strategy to mapped port and institute The external mapped port for stating subscriber terminal equipment establishes association, can be by dynamic serve port, and dynamically load is pacified Full strategy improves the safety of cpe device management.
Fig. 4 shows the structural schematic diagram of the managing device of the customer terminal equipment of the embodiment of the present invention, the client terminal The managing device of equipment is applied as the subscriber terminal equipment controller 30 in Fig. 1.As shown in figure 4, the pipe of the customer terminal equipment Managing device includes: authentication unit 41, token generation unit 42, token authentication unit 43 and strategy matching unit 44.
Authentication unit 41 be used for according to the sequence number of subscriber terminal equipment and physical address to the subscriber terminal equipment into Row certification;Token generation unit 42 is used for when the subscriber terminal equipment passes through certification, according to current time stamp, the sequence Number and the physical address obtain the subscriber terminal equipment external mapped port port numbers and token, and be sent to institute State subscriber terminal equipment;Token authentication unit 43 is used to receive the whole from the user of subscriber terminal equipment management server transmission The token of end equipment acquisition is simultaneously verified;Strategy matching unit 44 is used for the Xiang Suoshu when the token passes through verifying Subscriber terminal equipment management server return with the security strategy of the token matched with according to the security strategy to the use The mapped port of family terminal unit management server is associated with the external mapped port foundation of the subscriber terminal equipment.
In a kind of optional mode, token generation unit 52 is used for: by the current time stamp, the sequence number and The character string of the physical address is attached;It is obtained described in the subscriber terminal equipment according to the character string after connection The port numbers and token of external mapped port.
In a kind of optional mode, token generation unit 52 is used for: the character string application Hash after connection is calculated Method obtains the first number;First number is subjected to complementation with preset number, the second obtained number is the user The port numbers of the external mapped port of terminal device;The character string after connection is encoded to obtain user's end The token of end equipment and the subscriber terminal equipment management server.
The embodiment of the present invention is by the sequence number and physical address according to subscriber terminal equipment to the subscriber terminal equipment It is authenticated;When the subscriber terminal equipment passes through certification, according to current time stamp, the sequence number and it is described physically Location obtains the port numbers and token of the external mapped port of the subscriber terminal equipment, and is sent to the subscriber terminal equipment; It receives the token of subscriber terminal equipment management server transmission obtained from the subscriber terminal equipment and is verified;? When the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server return with the security strategy of the token matched with According to the security strategy to the mapped port of the subscriber terminal equipment management server and the institute of the subscriber terminal equipment It states external mapped port and establishes association, can dynamically load security strategy by dynamic serve port to improve cpe device The safety of management.
Fig. 5 shows the structural schematic diagram of the managing device of the customer terminal equipment of the embodiment of the present invention, the client terminal The managing device of equipment is applied as the subscriber terminal equipment management server 20 in Fig. 1.As shown in figure 5, the customer terminal equipment Managing device include: that unit is established in request unit 51, request-response unit 52, tactful acquiring unit 53 and association 54。
Request is established in the connection that request unit 51 is used to obtain subscriber terminal equipment transmission, and request is established in the connection In include the subscriber terminal equipment external mapped port port numbers and token;Request-response unit 52 is described for responding Request is established in connection, and the token is sent to the user terminal device controller to verify;Tactful acquiring unit 53 is used In the security strategy with the token matched for obtaining the subscriber terminal equipment controller return;Association is established unit 54 and is used for Mapped port is associated with the external mapped port foundation of the subscriber terminal equipment according to the security strategy.
In a kind of optional mode, association is established unit 54 and is used for: judging the described external of the subscriber terminal equipment Whether mapped port meets the security strategy;If meeting the security strategy, to the mapped port and the user The external mapped port of terminal device establishes association;If not meeting the security strategy, disconnect whole with the user The connection of end equipment.
In a kind of optional mode, the managing device of customer terminal equipment further includes device management unit, equipment management Unit 55 is also used to: the subscriber terminal equipment for needing to manage by mapped port connection;Pass through the mapped port The configuration of the subscriber terminal equipment is checked or modified.
The embodiment of the present invention establishes request by obtaining the connection that subscriber terminal equipment is sent, and the connection is established in request The port numbers and token of external mapped port including the subscriber terminal equipment;It responds the connection and establishes request, and by institute It states token and is sent to the user terminal device controller to be verified;Obtain that the subscriber terminal equipment controller returns with institute State the security strategy of token matched;Mapped port and the described of the subscriber terminal equipment are externally reflected according to the security strategy It penetrates port and establishes association, can dynamically load security strategy by dynamic serve port to improve the peace of cpe device management Quan Xing.
The embodiment of the invention provides a kind of nonvolatile computer storage media, the computer storage medium is stored with The customer terminal equipment in above-mentioned any means embodiment can be performed in an at least executable instruction, the computer executable instructions Management method.
Executable instruction specifically can be used for so that processor executes following operation:
The subscriber terminal equipment is authenticated according to the sequence number of subscriber terminal equipment and physical address;
When the subscriber terminal equipment passes through certification, according to current time stamp, the sequence number and it is described physically Location obtains the port numbers and token of the external mapped port of the subscriber terminal equipment, and is sent to the subscriber terminal equipment;
The token obtained from the subscriber terminal equipment for receiving the transmission of subscriber terminal equipment management server is gone forward side by side Row verifying;
When the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server is returned and the token matched Security strategy is with whole to the mapped port of the subscriber terminal equipment management server and the user according to the security strategy The external mapped port of end equipment establishes association.
In a kind of optional mode, the executable instruction makes the processor execute following operation:
The character string of the current time stamp, the sequence number and the physical address is attached;
The port numbers of the external mapped port of the subscriber terminal equipment are obtained according to the character string after connection And token.
In a kind of optional mode, the executable instruction makes the processor execute following operation:
The character string application hash algorithm after connection is obtained into the first number;
First number is subjected to complementation with preset number, the second obtained number is the subscriber terminal equipment The external mapped port port numbers;
The character string after connection is encoded to obtain the subscriber terminal equipment and the subscriber terminal equipment pipe Manage the token of server.
The management method of the customer terminal equipment of the embodiment of the present invention includes;According to the sequence number and object of subscriber terminal equipment Reason address authenticates the subscriber terminal equipment;When the subscriber terminal equipment passes through certification, according to current time stamp, The sequence number and the physical address obtain the port numbers and token of the external mapped port of the subscriber terminal equipment, and It is sent to the subscriber terminal equipment;Receive obtaining from the subscriber terminal equipment for subscriber terminal equipment management server transmission The token and verified;When the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server return with The security strategy of the token matched is with the mapping end according to the security strategy to the subscriber terminal equipment management server Mouth is associated with the external mapped port foundation of the subscriber terminal equipment, can be by dynamic serve port, dynamically Security strategy is loaded to improve the safety of cpe device management.
The embodiment of the invention provides another nonvolatile computer storage media, the computer storage medium storage There is an at least executable instruction, which can be performed the customer terminal equipment in above-mentioned any means embodiment Management method.
Executable instruction specifically can be used for so that processor executes following operation:
It obtains the connection that subscriber terminal equipment is sent and establishes request, it includes the user terminal in request that the connection, which is established, The port numbers and token of the external mapped port of equipment;
It responds the connection and establishes request, and the token is sent to the user terminal device controller to verify;
Obtain the security strategy with the token matched that the subscriber terminal equipment controller returns;
It is established and is closed according to the external mapped port of the security strategy to mapped port and the subscriber terminal equipment Connection.
In a kind of optional mode, the executable instruction makes the processor execute following operation:
Judge whether the external mapped port of the subscriber terminal equipment meets the security strategy;
The external mapping if meeting the security strategy, to the mapped port and the subscriber terminal equipment Association is established in port;
If not meeting the security strategy, the connection with the subscriber terminal equipment is disconnected.
In a kind of optional mode, the executable instruction makes the processor execute following operation:
The subscriber terminal equipment for needing to manage by mapped port connection;
The configuration of the subscriber terminal equipment is checked or modified by the mapped port.
The embodiment of the present invention establishes request by obtaining the connection that subscriber terminal equipment is sent, and the connection is established in request The port numbers and token of external mapped port including the subscriber terminal equipment;It responds the connection and establishes request, and by institute It states token and is sent to the user terminal device controller to be verified;Obtain that the subscriber terminal equipment controller returns with institute State the security strategy of token matched;Mapped port and the described of the subscriber terminal equipment are externally reflected according to the security strategy It penetrates port and establishes association, can dynamically load security strategy by dynamic serve port to improve the peace of cpe device management Quan Xing.
Fig. 6 shows the structural schematic diagram of the calculating equipment of the embodiment of the present invention, and the specific embodiment of the invention is not to setting Standby specific implementation limits.
As shown in fig. 6, the calculating equipment may include: processor (processor) 602, communication interface (Communications Interface) 604, memory (memory) 606 and communication bus 608.
Wherein: processor 602, communication interface 604 and memory 606 complete mutual lead to by communication bus 608 Letter.Communication interface 604, for being communicated with the network element of other equipment such as client or other servers etc..Processor 602 is used In executing program 610, the correlation step in the management method embodiment of above-mentioned customer terminal equipment can be specifically executed.
Specifically, program 610 may include program code, which includes computer operation instruction.
Processor 602 may be central processor CPU or specific integrated circuit ASIC (Application Specific Integrated Circuit), or be arranged to implement the integrated electricity of one or more of the embodiment of the present invention Road.The one or more processors that equipment includes can be same type of processor, such as one or more CPU;It is also possible to Different types of processor, such as one or more CPU and one or more ASIC.
Memory 606, for storing program 610.Memory 606 may include high speed RAM memory, it is also possible to further include Nonvolatile memory (non-volatile memory), for example, at least a magnetic disk storage.
Program 610 specifically can be used for so that processor 602 executes following operation:
The subscriber terminal equipment is authenticated according to the sequence number of subscriber terminal equipment and physical address;
When the subscriber terminal equipment passes through certification, according to current time stamp, the sequence number and it is described physically Location obtains the port numbers and token of the external mapped port of the subscriber terminal equipment, and is sent to the subscriber terminal equipment;
The token obtained from the subscriber terminal equipment for receiving the transmission of subscriber terminal equipment management server is gone forward side by side Row verifying;
When the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server is returned and the token matched Security strategy is with whole to the mapped port of the subscriber terminal equipment management server and the user according to the security strategy The external mapped port of end equipment establishes association.
In a kind of optional mode, described program 610 makes the processor execute following operation:
The character string of the current time stamp, the sequence number and the physical address is attached;
The port numbers of the external mapped port of the subscriber terminal equipment are obtained according to the character string after connection And token.
In a kind of optional mode, described program 610 makes the processor execute following operation:
The character string application hash algorithm after connection is obtained into the first number;
First number is subjected to complementation with preset number, the second obtained number is the subscriber terminal equipment The external mapped port port numbers;
The character string after connection is encoded to obtain the subscriber terminal equipment and the subscriber terminal equipment pipe Manage the token of server.
The embodiment of the present invention is by the sequence number and physical address according to subscriber terminal equipment to the subscriber terminal equipment It is authenticated;When the subscriber terminal equipment passes through certification, according to current time stamp, the sequence number and it is described physically Location obtains the port numbers and token of the external mapped port of the subscriber terminal equipment, and is sent to the subscriber terminal equipment; It receives the token of subscriber terminal equipment management server transmission obtained from the subscriber terminal equipment and is verified;? When the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server return with the security strategy of the token matched with According to the security strategy to the mapped port of the subscriber terminal equipment management server and the institute of the subscriber terminal equipment It states external mapped port and establishes association, can dynamically load security strategy by dynamic serve port to improve cpe device The safety of management.
Fig. 7 shows the structural schematic diagram of another calculating equipment of the embodiment of the present invention, and the specific embodiment of the invention is not The specific implementation of equipment is limited.
As shown in fig. 7, the calculating equipment may include: processor (processor) 702, communication interface (Communications Interface) 704, memory (memory) 706 and communication bus 708.
Wherein: processor 702, communication interface 704 and memory 706 complete mutual lead to by communication bus 708 Letter.Communication interface 704, for being communicated with the network element of other equipment such as client or other servers etc..Processor 702 is used In executing program 710, the correlation step in the management method embodiment of above-mentioned customer terminal equipment can be specifically executed.
Specifically, program 710 may include program code, which includes computer operation instruction.
Processor 702 may be central processor CPU or specific integrated circuit ASIC (Application Specific Integrated Circuit), or be arranged to implement the integrated electricity of one or more of the embodiment of the present invention Road.The one or more processors that equipment includes can be same type of processor, such as one or more CPU;It is also possible to Different types of processor, such as one or more CPU and one or more ASIC.
Memory 706, for storing program 710.Memory 706 may include high speed RAM memory, it is also possible to further include Nonvolatile memory (non-volatile memory), for example, at least a magnetic disk storage.
Program 710 specifically can be used for so that processor 702 executes following operation:
It obtains the connection that subscriber terminal equipment is sent and establishes request, it includes the user terminal in request that the connection, which is established, The port numbers and token of the external mapped port of equipment;
It responds the connection and establishes request, and the token is sent to the user terminal device controller to verify;
Obtain the security strategy with the token matched that the subscriber terminal equipment controller returns;
It is established and is closed according to the external mapped port of the security strategy to mapped port and the subscriber terminal equipment Connection.
In a kind of optional mode, described program 710 makes the processor execute following operation:
Judge whether the external mapped port of the subscriber terminal equipment meets the security strategy;
The external mapping if meeting the security strategy, to the mapped port and the subscriber terminal equipment Association is established in port;
If not meeting the security strategy, the connection with the subscriber terminal equipment is disconnected.
In a kind of optional mode, described program 710 makes the processor execute following operation:
The subscriber terminal equipment for needing to manage by mapped port connection;
The configuration of the subscriber terminal equipment is checked or modified by the mapped port.
The embodiment of the present invention establishes request by obtaining the connection that subscriber terminal equipment is sent, and the connection is established in request The port numbers and token of external mapped port including the subscriber terminal equipment;It responds the connection and establishes request, and by institute It states token and is sent to the user terminal device controller to be verified;Obtain that the subscriber terminal equipment controller returns with institute State the security strategy of token matched;Mapped port and the described of the subscriber terminal equipment are externally reflected according to the security strategy It penetrates port and establishes association, can dynamically load security strategy by dynamic serve port to improve the peace of cpe device management Quan Xing.
Algorithm or display are not inherently related to any particular computer, virtual system, or other device provided herein. Various general-purpose systems can also be used together with teachings based herein.As described above, it constructs required by this kind of system Structure be obvious.In addition, the embodiment of the present invention is also not for any particular programming language.It should be understood that can benefit Summary of the invention described herein is realized with various programming languages, and the description done above to language-specific is to drape over one's shoulders Reveal preferred forms of the invention.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the present invention and help to understand one or more of the various inventive aspects, Above in the description of exemplary embodiment of the present invention, each feature of the embodiment of the present invention is grouped together into individually sometimes In embodiment, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: being wanted Ask protection the present invention claims features more more than feature expressly recited in each claim.More precisely, such as As following claims reflect, inventive aspect is all features less than single embodiment disclosed above. Therefore, it then follows thus claims of specific embodiment are expressly incorporated in the specific embodiment, wherein each right is wanted Ask itself all as a separate embodiment of the present invention.
In addition, it will be appreciated by those of skill in the art that although some embodiments in this include institute in other embodiments Including certain features rather than other feature, but the combination of the feature of different embodiment means in the scope of the present invention Within and form different embodiments.For example, in the following claims, embodiment claimed it is any it One can in any combination mode come using.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame Claim.Step in above-described embodiment should not be construed as the restriction to execution sequence in addition to having specified otherwise.

Claims (10)

1. a kind of management method of customer terminal equipment, which is characterized in that the described method includes:
The subscriber terminal equipment is authenticated according to the sequence number of subscriber terminal equipment and physical address;
When the subscriber terminal equipment passes through certification, obtained according to current time stamp, the sequence number and the physical address The port numbers and token of the external mapped port of the subscriber terminal equipment are taken, and are sent to the subscriber terminal equipment;
It receives the token of subscriber terminal equipment management server transmission obtained from the subscriber terminal equipment and is tested Card;
When the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server returns to the safety with the token matched Strategy according to mapped port of the security strategy to the subscriber terminal equipment management server with the user terminal to set The standby external mapped port establishes association.
2. the method as described in claim 1, which is characterized in that it is described when the subscriber terminal equipment passes through certification according to working as Preceding timestamp, the sequence number and the physical address obtain the port numbers of the external mapped port of the subscriber terminal equipment And token, comprising:
The character string of the current time stamp, the sequence number and the physical address is attached;
The port numbers and order of the external mapped port of the subscriber terminal equipment are obtained according to the character string after connection Board.
3. method according to claim 2, which is characterized in that the character string according to after connection obtains the user The port numbers and token of the external mapped port of terminal device, comprising:
The character string application hash algorithm after connection is obtained into the first number;
First number is subjected to complementation with preset number, the digital institute for the subscriber terminal equipment of second obtained State the port numbers of external mapped port;
The character string after connection is encoded to obtain the subscriber terminal equipment and subscriber terminal equipment management clothes The token of business device.
4. a kind of management method of customer terminal equipment, which is characterized in that the described method includes:
It obtains the connection that subscriber terminal equipment is sent and establishes request, it includes the subscriber terminal equipment in request that the connection, which is established, External mapped port port numbers and token;
It responds the connection and establishes request, and the token is sent to the user terminal device controller to verify;
Obtain the security strategy with the token matched that the subscriber terminal equipment controller returns;
Mapped port is associated with the external mapped port foundation of the subscriber terminal equipment according to the security strategy.
5. method as claimed in claim 4, which is characterized in that it is described according to the security strategy to mapped port and the use The external mapped port of family terminal device establishes association, comprising:
Judge whether the external mapped port of the subscriber terminal equipment meets the security strategy;
If meeting the security strategy, to the external mapped port of the mapped port and the subscriber terminal equipment Establish association;
If not meeting the security strategy, the connection with the subscriber terminal equipment is disconnected.
6. according to the method described in claim 4, it is characterized in that, it is described according to the security strategy to mapped port with it is described The external mapped port of subscriber terminal equipment is established after association, the method also includes:
The subscriber terminal equipment for needing to manage by mapped port connection;
The configuration of the subscriber terminal equipment is checked or modified by the mapped port.
7. a kind of managing device of customer terminal equipment, which is characterized in that described device includes:
Authentication unit, for being recognized according to the sequence number and physical address of subscriber terminal equipment the subscriber terminal equipment Card;
Token generation unit, for when the subscriber terminal equipment passes through certification, according to current time stamp, the sequence number with And the physical address obtains the port numbers and token of the external mapped port of the subscriber terminal equipment, and is sent to the use Family terminal device;
Token authentication unit, for receive subscriber terminal equipment management server transmission from the subscriber terminal equipment obtain The token is simultaneously verified;
Strategy matching unit, for when the token passes through verifying, Xiang Suoshu subscriber terminal equipment management server return with The security strategy of the token matched is with the mapping end according to the security strategy to the subscriber terminal equipment management server Mouth is associated with the external mapped port foundation of the subscriber terminal equipment.
8. a kind of managing device of customer terminal equipment, which is characterized in that described device includes:
Request is established in request unit, the connection for obtaining subscriber terminal equipment transmission, and the connection is established in request and wrapped Include the port numbers and token of the external mapped port of the subscriber terminal equipment;
Request-response unit establishes request for responding the connection, and the token is sent to the user terminal equipment control Device is to be verified;
Tactful acquiring unit, the safe plan with the token matched returned for obtaining the subscriber terminal equipment controller Slightly;
Unit is established in association, for externally being reflected according to the security strategy to mapped port and the described of the subscriber terminal equipment It penetrates port and establishes association.
9. a kind of calculating equipment characterized by comprising processor, memory, communication interface and communication bus, the processing Device, the memory and the communication interface complete mutual communication by the communication bus;
The memory executes the processor according to right for storing an at least executable instruction, the executable instruction It is required that the step of management method of any one of 1-3 or the customer terminal equipment according to any one of claim 4-6.
10. a kind of computer storage medium, which is characterized in that be stored with an at least executable instruction, institute in the storage medium Stating executable instruction makes processor execute according to claim 1 any one of -3 or according to any one of claim 4-6 Customer terminal equipment management method the step of.
CN201910694060.0A 2019-07-30 2019-07-30 Client terminal equipment management method and device, computing equipment and storage medium Active CN110365701B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910694060.0A CN110365701B (en) 2019-07-30 2019-07-30 Client terminal equipment management method and device, computing equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910694060.0A CN110365701B (en) 2019-07-30 2019-07-30 Client terminal equipment management method and device, computing equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110365701A true CN110365701A (en) 2019-10-22
CN110365701B CN110365701B (en) 2021-12-31

Family

ID=68222825

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910694060.0A Active CN110365701B (en) 2019-07-30 2019-07-30 Client terminal equipment management method and device, computing equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110365701B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110843816A (en) * 2019-11-29 2020-02-28 北京智联友道科技有限公司 Monitoring system of urban rail ventilation air-conditioning system
CN111182537A (en) * 2019-12-31 2020-05-19 北京指掌易科技有限公司 Network access method, device and system for mobile application
CN111601073A (en) * 2020-04-15 2020-08-28 深圳新贝奥科技有限公司 Method for pushing video code stream to cloud server through local area network
CN112491603A (en) * 2020-11-17 2021-03-12 广州西麦科技股份有限公司 Equipment configuration method, device, equipment and storage medium
CN113438246A (en) * 2021-06-29 2021-09-24 四川巧夺天工信息安全智能设备有限公司 Data security and authority control method for intelligent terminal
CN113904939A (en) * 2021-10-27 2022-01-07 中国联合网络通信集团有限公司 Method, device and storage medium for managing target terminal
CN115695405A (en) * 2021-07-28 2023-02-03 中移物联网有限公司 Equipment control method, device, control terminal, execution terminal and service terminal

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040093519A1 (en) * 2002-11-13 2004-05-13 Grobman Steven L. Network protecting authentication proxy
CN101465852A (en) * 2008-10-24 2009-06-24 广东威创视讯科技股份有限公司 Method for implementing network inner penetration in network videoconference system
CN102801591A (en) * 2012-07-02 2012-11-28 耿直 Real-time data transmission method based on local area network
CN104506368A (en) * 2014-12-30 2015-04-08 浪潮(北京)电子信息产业有限公司 Method and equipment for managing switchboard equipment in unified manner
CN105991293A (en) * 2016-07-26 2016-10-05 努比亚技术有限公司 Verification method and verification device
CN106330938A (en) * 2016-08-31 2017-01-11 四川省魅力传媒有限公司 Media terminal management system and method
CN108965320A (en) * 2018-08-08 2018-12-07 湖南中车时代通信信号有限公司 A kind of system and method for general railway intranet and extranet data interaction
CN109150805A (en) * 2017-06-19 2019-01-04 亿阳安全技术有限公司 The method for managing security and system of application programming interface
CN109309666A (en) * 2018-08-22 2019-02-05 中国平安财产保险股份有限公司 Interface security control method and terminal device in a kind of network security
CN110049059A (en) * 2019-04-26 2019-07-23 深圳市网心科技有限公司 A kind of outer net equipment and Intranet communication between devices method and relevant apparatus

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040093519A1 (en) * 2002-11-13 2004-05-13 Grobman Steven L. Network protecting authentication proxy
CN101465852A (en) * 2008-10-24 2009-06-24 广东威创视讯科技股份有限公司 Method for implementing network inner penetration in network videoconference system
CN102801591A (en) * 2012-07-02 2012-11-28 耿直 Real-time data transmission method based on local area network
CN104506368A (en) * 2014-12-30 2015-04-08 浪潮(北京)电子信息产业有限公司 Method and equipment for managing switchboard equipment in unified manner
CN105991293A (en) * 2016-07-26 2016-10-05 努比亚技术有限公司 Verification method and verification device
CN106330938A (en) * 2016-08-31 2017-01-11 四川省魅力传媒有限公司 Media terminal management system and method
CN109150805A (en) * 2017-06-19 2019-01-04 亿阳安全技术有限公司 The method for managing security and system of application programming interface
CN108965320A (en) * 2018-08-08 2018-12-07 湖南中车时代通信信号有限公司 A kind of system and method for general railway intranet and extranet data interaction
CN109309666A (en) * 2018-08-22 2019-02-05 中国平安财产保险股份有限公司 Interface security control method and terminal device in a kind of network security
CN110049059A (en) * 2019-04-26 2019-07-23 深圳市网心科技有限公司 A kind of outer net equipment and Intranet communication between devices method and relevant apparatus

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110843816A (en) * 2019-11-29 2020-02-28 北京智联友道科技有限公司 Monitoring system of urban rail ventilation air-conditioning system
CN111182537A (en) * 2019-12-31 2020-05-19 北京指掌易科技有限公司 Network access method, device and system for mobile application
CN111601073A (en) * 2020-04-15 2020-08-28 深圳新贝奥科技有限公司 Method for pushing video code stream to cloud server through local area network
CN112491603A (en) * 2020-11-17 2021-03-12 广州西麦科技股份有限公司 Equipment configuration method, device, equipment and storage medium
CN113438246A (en) * 2021-06-29 2021-09-24 四川巧夺天工信息安全智能设备有限公司 Data security and authority control method for intelligent terminal
CN115695405A (en) * 2021-07-28 2023-02-03 中移物联网有限公司 Equipment control method, device, control terminal, execution terminal and service terminal
CN113904939A (en) * 2021-10-27 2022-01-07 中国联合网络通信集团有限公司 Method, device and storage medium for managing target terminal

Also Published As

Publication number Publication date
CN110365701B (en) 2021-12-31

Similar Documents

Publication Publication Date Title
CN110365701A (en) The management method of customer terminal equipment, calculates equipment and storage medium at device
TWI815443B (en) Non-transitory machine readable medium for internet of things
CN104426740B (en) System and method for management tunnel endpoint
CN104584480B (en) Cloud assisted method for application safety verification and service
CN104967609B (en) Intranet exploitation server access method, apparatus and system
CN110521182B (en) Method and system for protocol level identity mapping
CN107113319A (en) Method, device, system and the proxy server of response in a kind of Virtual Networking Computing certification
Kalita Socket programming
CN106850642A (en) Network site for directly accessing network determines
CN109873808A (en) Communication means and device, storage medium and electronic equipment between block chain node
EP3069231A1 (en) Automated sdk ingestion
CN109408250A (en) Call application programming interface API approach, device, electronic equipment
CN108768730A (en) Method and apparatus for operating intelligent network adapter
CN102752303B (en) Bypass-based data acquisition method and system
CN109379742A (en) A kind of cut-in method of WLAN, device and storage medium
CN109743373A (en) Remote assistance method, equipment, system and the medium of terminal
CN108322366A (en) Access the methods, devices and systems of network
CN109491887A (en) Test environment dispositions method, device, computer equipment and storage medium
CN110413329A (en) IOT equipment remote debugging method, apparatus and system
CN103973785A (en) Log reading system based on P2P and method thereof
US20220012726A1 (en) Method and System for a Network Device to Obtain a Trusted State Representation of the State of the Distributed Ledger Technology Network
Lima et al. A performance evaluation of raspberry pi zero W based gateway running MQTT broker for IoT
US9882957B1 (en) Client-side endpoint specification in a network service request
CN111726328B (en) Method, system and related device for remotely accessing a first device
US8630837B2 (en) Multicast emulation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20210318

Address after: 200000 second floor, building 2, no.1508, Kunyang Road, Minhang District, Shanghai

Applicant after: Dalu Robot Co.,Ltd.

Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.)

Applicant before: Shenzhen Qianhaida Yunyun Intelligent Technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 201111 Building 8, No. 207, Zhongqing Road, Minhang District, Shanghai

Patentee after: Dayu robot Co.,Ltd.

Address before: 200000 second floor, building 2, no.1508, Kunyang Road, Minhang District, Shanghai

Patentee before: Dalu Robot Co.,Ltd.