CN110417807A - Quickly disposition Internet of Things illegally accesses the method and device of assets - Google Patents
Quickly disposition Internet of Things illegally accesses the method and device of assets Download PDFInfo
- Publication number
- CN110417807A CN110417807A CN201910727768.1A CN201910727768A CN110417807A CN 110417807 A CN110417807 A CN 110417807A CN 201910727768 A CN201910727768 A CN 201910727768A CN 110417807 A CN110417807 A CN 110417807A
- Authority
- CN
- China
- Prior art keywords
- internet
- things
- assets
- warning
- communication control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The present invention provides the method and devices that a kind of quickly disposition Internet of Things illegally accesses assets, comprising: Internet of Things security postures aware platform first obtains the illegal access warning of Internet of Things access equipment transmission;Then, illegal access warning is parsed, and shows the acknowledged alarm information that parsing obtains;It is instructed finally, receiving user according to the communication control that warning information is sent, and communication control instruction is sent to Internet of Things access equipment, the corresponding communication control of Internet of Things assets execution is operated so that Internet of Things access equipment is instructed according to communication control.As can be seen from the above description, the present invention passes through the communication between Internet of Things security postures aware platform and Internet of Things access equipment, realize the rapidly and efficiently disposition to assets are illegally accessed in environment of internet of things, it no longer needs to carry out multiple equipment many and diverse operation, alleviate it is existing illegally access the method that assets are handled to Internet of Things and take time and effort, the technical issues of inefficiency.
Description
Technical field
The present invention relates to the technical fields of Internet of Things, illegally access assets more particularly, to a kind of quickly disposition Internet of Things
Method and device.
Background technique
Universal with internet of things equipment, Internet of Things is increasingly subject to safely the concern of people, and in face of completely new and be full of
Unknown Internet of Things safety problem, the way of most users are to carry out traditional network safety prevention equipment access Internet of Things
Security protection.
But traditional network safety prevention equipment (such as: firewall, interchanger, router etc.), not due to manufacturer
Together, data format different situations such as even agreement is inconsistent, it is often necessary to be separately configured.Such as: in a network environment,
Forbid some IP Outside Access of Intranet, and since condition limitation can not be generally required when directly operating on internet of things equipment
Corresponding rule, such as the stream external in fire prevention some IP of ceiling wall system are separately configured in different network safety prevention equipment
Amount, or the parsing of certain domain name is limited on the router, or limits the network access right in some VLAN on switches
Limit etc..In order to realize that a protection needs simultaneously to operate multiple equipment, not only time and effort consuming, and inefficiency.
To sum up, existing illegally to access the method that assets are handled to Internet of Things and take time and effort, inefficiency.
Summary of the invention
The purpose of the present invention is to provide the method and devices that a kind of quickly disposition Internet of Things illegally accesses assets, to alleviate
It is existing illegally to access the method that assets are handled to Internet of Things and take time and effort, the technical issues of inefficiency.
A kind of method that quickly disposition Internet of Things illegally accesses assets provided by the invention, is applied to Internet of Things security postures
Aware platform, which comprises
Obtain the illegal access warning that Internet of Things access equipment is sent;Wherein, the illegal access warning is the Internet of Things
The illegal access warning in environment of internet of things where net access equipment;
The illegal access warning is parsed, and shows the acknowledged alarm information that parsing obtains, wherein the acknowledged alarm
Information includes: warning information and alarm operation button;
It receives user to be instructed according to the communication control that the warning information is sent, and communication control instruction is sent to
The Internet of Things access equipment, so that the Internet of Things access equipment is instructed according to the communication control to the Internet of Things assets
Execute corresponding communication control operation;Wherein, the communication control instruction is that the user is sent out by the alarm operation button
The instruction sent, the communication control instruction includes following any: allowing communication instruction, forbids communication instruction.
Further, maintenance has Internet of Things assets blacklist and Internet of Things money on the Internet of Things security postures aware platform
White list is produced, after to the illegal access warning parsing, before showing the acknowledged alarm information that parsing obtains, the side
Method further include:
Judge to parse whether Internet of Things assets included in the obtained warning information are that the Internet of Things assets are black
Internet of Things assets in list, and judge to parse whether Internet of Things assets included in obtained warning information are the Internet of Things
Internet of Things assets in net assets white list;
If it is the Internet of Things assets in the Internet of Things assets blacklist, then institute is sent to the Internet of Things access equipment
It states and forbids communication instruction, so that the Internet of Things access equipment forbids communication instruction to execute the Internet of Things assets according to
Forbid traffic operation;
If it is the Internet of Things assets in the Internet of Things assets white list, then institute is sent to the Internet of Things access equipment
Permission communication instruction is stated, so that the Internet of Things access equipment executes the Internet of Things assets according to the permission communication instruction
Allow traffic operation.
Further, the method also includes:
If Internet of Things assets included in the warning information are not the Internet of Things in the Internet of Things assets blacklist
Net assets, and Internet of Things assets included in the warning information are not the Internet of Things money in the Internet of Things assets white list
It produces, then shows the acknowledged alarm information that parsing obtains.
Further, after communication control instruction is sent to the Internet of Things access equipment, the method is also
Include:
The Internet of Things assets blacklist or the Internet of Things assets white list are carried out based on communication control instruction
It updates.
Further, show that the acknowledged alarm information for parsing and obtaining includes:
The acknowledged alarm information that parsing obtains is shown by way of table.
Further, obtaining the illegal access warning that Internet of Things access equipment is sent includes:
Obtain the security alarm that the Internet of Things access equipment is sent;
The alarm that alarm type is illegal access style is screened in the security alarm, is obtained the illegal access and is accused
It is alert.
The present invention also provides the devices that a kind of quickly disposition Internet of Things illegally accesses assets, are applied to the safe state of Internet of Things
Gesture aware platform, described device include:
Module is obtained, for obtaining the illegal access warning of Internet of Things access equipment transmission;Wherein, the illegal access is accused
Illegal access warning in the alert environment of internet of things where the Internet of Things access equipment;
Parsing module for parsing to the illegal access warning, and shows the acknowledged alarm information that parsing obtains,
In, the acknowledged alarm information includes: warning information and alarm operation button;
Receiving module, the communication control sent for receiving user according to the warning information instruct, and by the communication
Control instruction is sent to the Internet of Things access equipment, so that the Internet of Things access equipment is according to communication control instruction pair
The Internet of Things assets execute corresponding communication control operation;Wherein, the communication control instruction is the user described in
The instruction that alarm operation button is sent, the communication control instruction includes following any: allowing communication instruction, communication is forbidden to refer to
It enables.
Further, maintenance has Internet of Things assets blacklist and Internet of Things money on the Internet of Things security postures aware platform
Produce white list, described device further include:
Judgment module parses whether Internet of Things assets included in the obtained warning information are described for judging
Internet of Things assets in Internet of Things assets blacklist, and judge that parsing Internet of Things assets included in obtained warning information is
The no Internet of Things assets in the Internet of Things assets white list;
First sending module, if it is the Internet of Things assets in the Internet of Things assets blacklist, then to the Internet of Things
Access equipment forbids communication instruction described in sending, so that the Internet of Things access equipment forbids communication instruction to described according to
Traffic operation is forbidden in the execution of Internet of Things assets;
Second sending module, if it is the Internet of Things assets in the Internet of Things assets white list, then to the Internet of Things
Access equipment sends the permission communication instruction, so that the Internet of Things access equipment is according to the permission communication instruction to described
Internet of Things assets, which execute, allows traffic operation.
Further, described device further include:
Display module, if Internet of Things assets included in the warning information are not the Internet of Things assets blacklists
In Internet of Things assets, and Internet of Things assets included in the warning information are not in the Internet of Things assets white list
Internet of Things assets then show the acknowledged alarm information that parsing obtains.
The present invention also provides a kind of electronic equipment, including memory, processor, being stored on the memory can be in institute
The computer program run on processor is stated, the processor is realized described in above content when executing the computer program
The step of method.
In embodiments of the present invention, Internet of Things security postures aware platform first obtains the illegal of Internet of Things access equipment transmission
Access warning;Then, illegal access warning is parsed, and shows the acknowledged alarm information that parsing obtains;Finally, receiving user's root
The communication control instruction sent according to warning information, and communication control instruction is sent to Internet of Things access equipment, so that Internet of Things
Access equipment instructs according to communication control and executes corresponding communication control operation to Internet of Things assets.As can be seen from the above description,
The present invention is realized by the communication between Internet of Things security postures aware platform and Internet of Things access equipment to environment of internet of things
The rapidly and efficiently disposition of interior illegal access assets, no longer needs to carry out multiple equipment many and diverse operation, alleviates existing to object
The technical issues of method that the illegal access assets of networking are handled takes time and effort, inefficiency.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below
Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor
It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is the flow chart for the method that quick disposition Internet of Things provided in an embodiment of the present invention illegally accesses assets;
Fig. 2 is the flow chart for the method that automatic disposition Internet of Things provided in an embodiment of the present invention illegally accesses assets;
Fig. 3 is the stream of the method for the illegal access warning that acquisition Internet of Things access equipment provided in an embodiment of the present invention is sent
Cheng Tu;
Fig. 4 is the schematic diagram for the device that quick disposition Internet of Things provided in an embodiment of the present invention illegally accesses assets;
Fig. 5 is the schematic diagram of electronic equipment provided in an embodiment of the present invention.
Specific embodiment
Technical solution of the present invention is clearly and completely described below in conjunction with embodiment, it is clear that described reality
Applying example is a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, the common skill in this field
Art personnel every other embodiment obtained without making creative work belongs to the model that the present invention protects
It encloses.
Quickly to dispose Internet of Things to one kind disclosed in the embodiment of the present invention first convenient for understanding the present embodiment
The method of illegal access assets describes in detail.
Embodiment one:
According to embodiments of the present invention, a kind of embodiment quickly disposed Internet of Things and illegally access the method for assets is provided,
It should be noted that step shown in the flowchart of the accompanying drawings can be in the department of computer science of such as a group of computer-executable instructions
It is executed in system, although also, logical order is shown in flow charts, and it in some cases, can be to be different from herein
Sequence execute shown or described step.
Fig. 1 is the flow chart for the method that a kind of quickly disposition Internet of Things according to an embodiment of the present invention illegally accesses assets,
This method is applied to Internet of Things security postures aware platform, as shown in Figure 1, this method comprises the following steps:
Step S102 obtains the illegal access warning that Internet of Things access equipment is sent;Wherein, illegal access warning is Internet of Things
The illegal access warning in environment of internet of things where net access equipment;
Internet of Things security postures aware platform in the embodiment of the present invention is that finger tip/center framework Internet of Things solves safely
The certainly central platform in scheme;And illegal access warning, it is that (specially non-self the other of asset equipment set Internet of Things assets
It is standby) it is linked into the assets in business network without authorization in the case where without permission.
In embodiments of the present invention, Internet of Things access equipment is mainly used for carrying out safe inspection to the environment of internet of things locating for it
It surveys.If when in the environment of internet of things locating for it detects it, there are when security incident, corresponding security alarm can be generated.Specifically
, the type of security alarm includes at least: go offline alarm, equipment on-line alarm, the illegal access of new equipment access warning, equipment is accused
It is alert etc..Further, Internet of Things access equipment can screen security alarm, and the illegal access warning that screening is obtained is sent out
It send to Internet of Things security postures aware platform, in this way, Internet of Things security postures aware platform can be acquired and above-mentioned illegally be connect
Enter alarm.
Step S104 parses illegal access warning, and shows the acknowledged alarm information that parsing obtains, wherein alarm is true
Recognizing information includes: warning information and alarm operation button, and warning information includes at least: IP, the alarm type of Internet of Things assets, is accused
Alert operation button includes: the button for allowing to communicate, incommunicado button;
After Internet of Things security postures aware platform gets illegal access warning, illegal access warning is parsed, is obtained
Each field into illegal access warning, and acknowledged alarm information is generated according to each field that its parsing obtains, and then will
The acknowledged alarm information of generation is shown in background page.
Above-mentioned acknowledged alarm information includes: warning information and alarm operation button, wherein warning information includes at least: object
Network assets IP, alarm type, can also include: certainly Asset Type, data source, MAC Address, access situation (including
But be not limited to newly to access or illegal access), information, the alarm operation such as state (online or offline) safely include: to allow to communicate
Button and incommunicado button, the above-mentioned button for allowing to communicate and incommunicado button can also buttons in other forms
Show, for example, indicating to allow to communicate with ACK button, forbids communicating with disposition button indication, the embodiment of the present invention is to above-mentioned exhibition
Existing form is without concrete restriction.
Step S106 receives user and is instructed according to the communication control that warning information is sent, and communication control is instructed and is sent
To Internet of Things access equipment, so that Internet of Things access equipment is instructed according to communication control executes corresponding communication to Internet of Things assets
Control operation;Wherein, communication control instruction is the instruction that sends by alarm operation button of user, communication control instruct include with
Under it is any: allow communication instruction, forbid communication instruction.
After the background page of Internet of Things security postures aware platform illustrates above-mentioned acknowledged alarm information, user is according to wherein
Warning information click corresponding alarm operation button, to send communication control instruction to Internet of Things security postures aware platform,
In turn, communication control instruction is sent to Internet of Things access equipment by Internet of Things security postures aware platform, so that Internet of Things access
Equipment instructs according to communication control and executes corresponding communication control operation to Internet of Things assets.
Specifically, when communication control instruction is sent to Internet of Things access equipment by Internet of Things security postures aware platform, it can
To be formatted to communication control instruction, it is formatted as the received data format of Internet of Things access equipment institute's energy, to realize two
Communication, the linkage of person.
In addition, Internet of Things access equipment is instructed according to communication control executes corresponding communication control operation to Internet of Things assets
When, it can be Internet of Things access equipment itself corresponding communication control directly executed to Internet of Things assets and operate, it can also be by
Other gateways execute corresponding communication control to Internet of Things assets and operate, and specifically use which kind of mode, can be according to Internet of Things
The type of access equipment determines.
In embodiments of the present invention, Internet of Things security postures aware platform first obtains the illegal of Internet of Things access equipment transmission
Access warning;Then, illegal access warning is parsed, and shows the acknowledged alarm information that parsing obtains;Finally, receiving user's root
The communication control instruction sent according to warning information, and communication control instruction is sent to Internet of Things access equipment, so that Internet of Things
Access equipment instructs according to communication control and executes corresponding communication control operation to Internet of Things assets.As can be seen from the above description,
The present invention is realized by the communication between Internet of Things security postures aware platform and Internet of Things access equipment to environment of internet of things
The rapidly and efficiently disposition of interior illegal access assets, no longer needs to carry out multiple equipment many and diverse operation, alleviates existing to object
The technical issues of method that the illegal access assets of networking are handled takes time and effort, inefficiency.
The method that above content illegally accesses assets to quick disposition Internet of Things of the invention has carried out brief introduction, below
The particular content being directed to is described in detail.
In an alternate embodiment of the present invention where, maintenance has Internet of Things assets black on Internet of Things security postures aware platform
List and Internet of Things assets white list, with reference to Fig. 2, after to the parsing of illegal access warning, in the alarm for showing that parsing obtains
Before confirmation message, this method further include:
Step S201 judges to parse whether Internet of Things assets included in obtained warning information are that Internet of Things assets are black
Internet of Things assets in list, and judge to parse whether Internet of Things assets included in obtained warning information are Internet of Things money
Produce the Internet of Things assets in white list;
Step S202 is then sent to Internet of Things access equipment if it is the Internet of Things assets in Internet of Things assets blacklist
Forbid communication instruction so that Internet of Things access equipment according to forbid communication instruction to Internet of Things assets execution forbid traffic operation;
Step S203 is then sent to Internet of Things access equipment if it is the Internet of Things assets in Internet of Things assets white list
Allow communication instruction, so that Internet of Things access equipment, which executes Internet of Things assets according to permission communication instruction, allows traffic operation;
Step S204, if Internet of Things assets included in warning information are not the Internet of Things in Internet of Things assets blacklist
Net assets, and Internet of Things assets included in warning information are not the Internet of Things assets in Internet of Things assets white list, then open up
Show the acknowledged alarm information that parsing obtains.
By the way that Internet of Things assets blacklist and Internet of Things assets white list are arranged on Internet of Things security postures aware platform
Mode, Internet of Things assets can be disposed automatically, without being operated again by artificial mode, more intelligently,
Efficiently quickly.
It should be understood that the Internet of Things assets in Internet of Things assets blacklist and Internet of Things assets white list can pass through
Artificial mode is modified and (is added or deleted).
In an alternate embodiment of the present invention where, after communication control instruction is sent to Internet of Things access equipment,
This method further include:
Internet of Things assets blacklist or Internet of Things assets white list are updated based on communication control instruction.
Specifically, if corresponding Internet of Things assets are just added to by communication control instruction to allow communication instruction
In Internet of Things assets white list;If communication control instruction just adds corresponding Internet of Things assets to forbid communication instruction
It adds in Internet of Things assets blacklist, and then completes the update to Internet of Things assets blacklist or Internet of Things assets white list.
In an alternate embodiment of the present invention where, the acknowledged alarm information for showing that parsing obtains includes: by table
Form shows the acknowledged alarm information that parsing obtains.
In an alternate embodiment of the present invention where, it with reference to Fig. 3, obtains the illegal access that Internet of Things access equipment is sent and accuses
Police includes:
Step S301 obtains the security alarm that Internet of Things access equipment is sent;
Step S302 screens the alarm that alarm type is illegal access style in security alarm, obtains illegally accessing and accuse
It is alert.
Quick disposition Internet of Things of the invention illegally accesses in the method for assets, and Internet of Things security postures aware platform is direct
Protocol layer data linkage is carried out with Internet of Things access equipment (can be various network safety prevention equipment), it is each without manual entry
A equipment just can issue safety control strategy, convenient and efficient, provide the efficient experience of Internet of Things net safety protective for user.
Embodiment two:
The embodiment of the invention also provides the devices that a kind of quickly disposition Internet of Things illegally accesses assets, this quickly disposes object
The device of the illegal access assets of networking is applied to Internet of Things security postures aware platform, is mainly used for executing in the embodiment of the present invention
It states and quickly disposes the method that Internet of Things illegally accesses assets provided by content, below to quick place provided in an embodiment of the present invention
The device of the illegal access assets of glove networking does specific introduction.
Fig. 4 is the schematic diagram for the device that a kind of quickly disposition Internet of Things according to an embodiment of the present invention illegally accesses assets,
As shown in figure 4, it includes obtaining module 10 that the quick disposition Internet of Things, which illegally accesses the devices of assets mainly, parsing module 20 and connect
Receive module 30, in which:
Module is obtained, for obtaining the illegal access warning of Internet of Things access equipment transmission;Wherein, illegal access warning is
The illegal access warning in environment of internet of things where Internet of Things access equipment;
Parsing module for parsing to illegal access warning, and shows the acknowledged alarm information that parsing obtains, wherein accuse
Alert confirmation message includes: warning information and alarm operation button, and warning information includes at least: the IP of Internet of Things assets, alarm class
Type, alarm operation button include: the button for allowing to communicate, incommunicado button;
Receiving module instructs according to the communication control that warning information is sent for receiving user, and communication control is instructed
It is sent to Internet of Things access equipment, Internet of Things assets are executed accordingly so that Internet of Things access equipment is instructed according to communication control
Communication control operation;Wherein, communication control instruction is the instruction that user is sent by alarm operation button, communication control instruction packet
It includes following any: allowing communication instruction, forbids communication instruction.
In embodiments of the present invention, Internet of Things security postures aware platform first obtains the illegal of Internet of Things access equipment transmission
Access warning;Then, illegal access warning is parsed, and shows the acknowledged alarm information that parsing obtains;Finally, receiving user's root
The communication control instruction sent according to warning information, and communication control instruction is sent to Internet of Things access equipment, so that Internet of Things
Access equipment instructs according to communication control and executes corresponding communication control operation to Internet of Things assets.As can be seen from the above description,
The present invention is realized by the communication between Internet of Things security postures aware platform and Internet of Things access equipment to environment of internet of things
The rapidly and efficiently disposition of interior illegal access assets, no longer needs to carry out multiple equipment many and diverse operation, alleviates existing to object
The technical issues of method that the illegal access assets of networking are handled takes time and effort, inefficiency.
Optionally, maintenance has Internet of Things assets blacklist and the white name of Internet of Things assets on Internet of Things security postures aware platform
It is single, the device further include:
Judgment module parses whether Internet of Things assets included in obtained warning information are Internet of Things money for judging
The Internet of Things assets in blacklist are produced, and judge to parse whether Internet of Things assets included in obtained warning information are Internet of Things
Internet of Things assets in net assets white list;
First sending module, if it is the Internet of Things assets in Internet of Things assets blacklist, then to Internet of Things access equipment
Communication instruction is forbidden in transmission so that Internet of Things access equipment according to forbid communication instruction to Internet of Things assets execution forbid communication grasp
Make;
Second sending module, if it is the Internet of Things assets in Internet of Things assets white list, then to Internet of Things access equipment
Sending allows communication instruction, grasps so that Internet of Things access equipment executes Internet of Things assets to allow to communicate according to permission communication instruction
Make.
Optionally, the device further include:
Display module, if Internet of Things assets included in warning information are not the Internet of Things in Internet of Things assets blacklist
Net assets, and Internet of Things assets included in warning information are not the Internet of Things assets in Internet of Things assets white list, then open up
Show the acknowledged alarm information that parsing obtains.
Optionally, the device further include:
Update module, for being carried out based on communication control instruction to Internet of Things assets blacklist or Internet of Things assets white list
It updates.
Optionally, display module is also used to: the acknowledged alarm information that parsing obtains is shown by way of table.
Optionally, it obtains module to be also used to: obtaining the security alarm that Internet of Things access equipment is sent;It is sieved in security alarm
Selecting alarm type is the alarm of illegal access style, obtains illegal access warning.
Particular content in the embodiment two can be with reference to the associated description in above-described embodiment one, and details are not described herein.
Embodiment three:
The embodiment of the invention provides a kind of electronic equipment, and with reference to Fig. 5, which includes: processor 40, memory
41, bus 42 and communication interface 43, processor 40, communication interface 43 and memory 41 are connected by bus 42;Processor 40 is used
The executable module stored in execution memory 41, such as computer program.Processor is realized such as when executing calculating and program
Described in embodiment of the method the step of method.
Wherein, memory 41 may include high-speed random access memory (RAM, Random Access Memory),
It may further include non-labile memory (non-volatile memory), for example, at least a magnetic disk storage.By extremely
A few communication interface 43 (can be wired or wireless) is realized logical between the system network element and at least one other network element
Letter connection, can be used internet, wide area network, local network, Metropolitan Area Network (MAN) etc..
Bus 42 can be isa bus, pci bus or eisa bus etc..It is total that bus can be divided into address bus, data
Line, control bus etc..Only to be indicated with a four-headed arrow in Fig. 5, it is not intended that an only bus or one convenient for indicating
The bus of seed type.
Wherein, memory 41 is for storing program, and processor 40 executes program after receiving and executing instruction, and aforementioned
Method performed by the device that the stream process that inventive embodiments any embodiment discloses defines can be applied in processor 40, or
Person is realized by processor 40.
Processor 40 may be a kind of IC chip, the processing capacity with signal.During realization, above-mentioned side
Each step of method can be completed by the integrated logic circuit of the hardware in processor 40 or the instruction of software form.Above-mentioned
Processor 40 can be general processor, including central processing unit (Central Processing Unit, abbreviation CPU), network
Processor (Network Processor, abbreviation NP) etc.;It can also be digital signal processor (Digital Signal
Processing, abbreviation DSP), specific integrated circuit (Application Specific Integrated Circuit, referred to as
ASIC), ready-made programmable gate array (Field-Programmable Gate Array, abbreviation FPGA) or other are programmable
Logical device, discrete gate or transistor logic, discrete hardware components.It may be implemented or execute in the embodiment of the present invention
Disclosed each method, step and logic diagram.General processor can be microprocessor or the processor is also possible to appoint
What conventional processor etc..The step of method in conjunction with disclosed in the embodiment of the present invention, can be embodied directly in hardware decoding processing
Device executes completion, or in decoding processor hardware and software module combination execute completion.Software module can be located at
Machine memory, flash memory, read-only memory, programmable read only memory or electrically erasable programmable memory, register etc. are originally
In the storage medium of field maturation.The storage medium is located at memory 41, and processor 40 reads the information in memory 41, in conjunction with
Its hardware completes the step of above method.
In another embodiment, a kind of calculating of non-volatile program code that can be performed with processor is additionally provided
The step of machine readable medium, said program code makes the processor execute method described in above-described embodiment one.
The computer journey that Internet of Things illegally accesses the method and device of assets is quickly disposed provided by the embodiment of the present invention
Sequence product, the computer readable storage medium including storing program code, the instruction that said program code includes can be used for holding
Row previous methods method as described in the examples, specific implementation can be found in embodiment of the method, and details are not described herein.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description
It with the specific work process of device, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
In addition, in the description of the embodiment of the present invention unless specifically defined or limited otherwise, term " installation ", " phase
Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can
To be mechanical connection, it is also possible to be electrically connected;It can be directly connected, can also can be indirectly connected through an intermediary
Connection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete condition
Concrete meaning in invention.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product
It is stored in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially in other words
The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a
People's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention.
And storage medium above-mentioned includes: that USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited
The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.
In the description of the present invention, it should be noted that term " center ", "upper", "lower", "left", "right", "vertical",
The orientation or positional relationship of the instructions such as "horizontal", "inner", "outside" be based on the orientation or positional relationship shown in the drawings, merely to
Convenient for description the present invention and simplify description, rather than the device or element of indication or suggestion meaning must have a particular orientation,
It is constructed and operated in a specific orientation, therefore is not considered as limiting the invention.In addition, term " first ", " second ",
" third " is used for descriptive purposes only and cannot be understood as indicating or suggesting relative importance.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent
Pipe present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: its according to
So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into
Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution
The range of scheme.
Claims (10)
1. a kind of method that quickly disposition Internet of Things illegally accesses assets, which is characterized in that be applied to the sense of Internet of Things security postures
Know platform, which comprises
Obtain the illegal access warning that Internet of Things access equipment is sent;Wherein, the illegal access warning is that the Internet of Things is quasi-
Enter the illegal access warning in the environment of internet of things where equipment;
The illegal access warning is parsed, and shows the acknowledged alarm information that parsing obtains, wherein the acknowledged alarm information
It include: warning information and alarm operation button;
It receives the communication control that user sends according to the warning information to instruct, and described in communication control instruction is sent to
Internet of Things access equipment executes the Internet of Things assets so that the Internet of Things access equipment is instructed according to the communication control
Corresponding communication control operation;Wherein, the communication control instruction is that the user is sent by the alarm operation button
Instruction, the communication control instruction includes following any: allowing communication instruction, forbids communication instruction.
2. the method according to claim 1, wherein maintenance has object on the Internet of Things security postures aware platform
Networking assets blacklist and Internet of Things assets white list obtain after to the illegal access warning parsing showing to parse
Acknowledged alarm information before, the method also includes:
Judge to parse whether Internet of Things assets included in the obtained warning information are the Internet of Things assets blacklist
In Internet of Things assets, and judge whether Internet of Things assets included in the obtained warning information of parsing are the Internet of Things money
Produce the Internet of Things assets in white list;
If it is the Internet of Things assets in the Internet of Things assets blacklist, then the taboo is sent to the Internet of Things access equipment
Only communication instruction, so that the Internet of Things access equipment forbids communication instruction to forbid Internet of Things assets execution according to
Traffic operation;
If it is the Internet of Things assets in the Internet of Things assets white list, then sent to the Internet of Things access equipment described fair
Perhaps communication instruction, so that the Internet of Things access equipment executes permission to the Internet of Things assets according to the permission communication instruction
Traffic operation.
3. according to the method described in claim 2, it is characterized in that, the method also includes:
If Internet of Things assets included in the warning information are not the Internet of Things money in the Internet of Things assets blacklist
It produces, and Internet of Things assets included in the warning information are not the Internet of Things assets in the Internet of Things assets white list,
Then show the acknowledged alarm information that parsing obtains.
4. according to the method described in claim 2, it is characterized in that, communication control instruction is sent to the Internet of Things
After access equipment, the method also includes:
The Internet of Things assets blacklist or the Internet of Things assets white list are updated based on communication control instruction.
5. the method according to claim 1, wherein the acknowledged alarm information for showing that parsing obtains includes:
The acknowledged alarm information that parsing obtains is shown by way of table.
6. the method according to claim 1, wherein obtaining the illegal access warning that Internet of Things access equipment is sent
Include:
Obtain the security alarm that the Internet of Things access equipment is sent;
The alarm that alarm type is illegal access style is screened in the security alarm, obtains the illegal access warning.
7. the device that a kind of quickly disposition Internet of Things illegally accesses assets, which is characterized in that be applied to the sense of Internet of Things security postures
Know platform, described device includes:
Module is obtained, for obtaining the illegal access warning of Internet of Things access equipment transmission;Wherein, the illegal access warning is
The illegal access warning in environment of internet of things where the Internet of Things access equipment;
Parsing module for parsing to the illegal access warning, and shows the acknowledged alarm information that parsing obtains, wherein institute
Stating acknowledged alarm information includes: warning information and alarm operation button;
Receiving module, the communication control sent for receiving user according to the warning information instruct, and by the communication control
Instruction is sent to the Internet of Things access equipment, so that the Internet of Things access equipment is instructed according to the communication control to described
Internet of Things assets execute corresponding communication control operation;Wherein, the communication control instruction is that the user passes through the alarm
The instruction that operation button is sent, the communication control instruction includes following any: allowing communication instruction, forbids communication instruction.
8. device according to claim 7, which is characterized in that maintenance has object on the Internet of Things security postures aware platform
Networking assets blacklist and Internet of Things assets white list, described device further include:
Judgment module parses whether Internet of Things assets included in the obtained warning information are the Internet of Things for judging
Internet of Things assets in net assets blacklist, and judge Internet of Things assets included in the obtained warning information of parsing whether be
Internet of Things assets in the Internet of Things assets white list;
First sending module, if it is the Internet of Things assets in the Internet of Things assets blacklist, then to the Internet of Things access
Equipment forbids communication instruction described in sending, so that the Internet of Things access equipment forbids communication instruction to the Internet of Things according to
Traffic operation is forbidden in the execution of net assets;
Second sending module, if it is the Internet of Things assets in the Internet of Things assets white list, then to the Internet of Things access
Equipment sends the permission communication instruction, so that the Internet of Things access equipment is according to the permission communication instruction to the Internet of Things
Net assets, which execute, allows traffic operation.
9. device according to claim 8, which is characterized in that described device further include:
Display module, if Internet of Things assets included in the warning information are not in the Internet of Things assets blacklist
Internet of Things assets, and Internet of Things assets included in the warning information are not the Internet of Things in the Internet of Things assets white list
Net assets then show the acknowledged alarm information that parsing obtains.
10. a kind of electronic equipment, which is characterized in that including memory, processor, being stored on the memory can be at the place
The computer program run on reason device, which is characterized in that the processor realizes aforesaid right when executing the computer program
It is required that the step of method described in any one of 1 to 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910727768.1A CN110417807A (en) | 2019-08-07 | 2019-08-07 | Quickly disposition Internet of Things illegally accesses the method and device of assets |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910727768.1A CN110417807A (en) | 2019-08-07 | 2019-08-07 | Quickly disposition Internet of Things illegally accesses the method and device of assets |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110417807A true CN110417807A (en) | 2019-11-05 |
Family
ID=68366704
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910727768.1A Pending CN110417807A (en) | 2019-08-07 | 2019-08-07 | Quickly disposition Internet of Things illegally accesses the method and device of assets |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110417807A (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8745746B1 (en) * | 2012-03-07 | 2014-06-03 | Symantec Corporation | Systems and methods for addressing security vulnerabilities on computing devices |
CN103944896A (en) * | 2014-04-16 | 2014-07-23 | 广东电网公司信息中心 | Smart power grid safety protection system |
CN106789982A (en) * | 2016-12-08 | 2017-05-31 | 北京立思辰新技术有限公司 | A kind of safety protecting method being applied in industrial control system and system |
CN106982229A (en) * | 2017-05-10 | 2017-07-25 | 南京南瑞继保电气有限公司 | The network security supervisory systems and collaboration monitoring and managing method of a kind of layered distribution type collaboration |
CN107547229A (en) * | 2016-06-29 | 2018-01-05 | 南京联成科技发展股份有限公司 | A kind of implementation method of the safe operation management platform intelligent control based on big data |
CN109639634A (en) * | 2018-11-05 | 2019-04-16 | 杭州安恒信息技术股份有限公司 | A kind of Internet of Things adaptive security means of defence and system |
CN110012469A (en) * | 2019-04-29 | 2019-07-12 | 四川英得赛克科技有限公司 | A kind of hotspot legitimacy quick discrimination method under industrial control condition |
-
2019
- 2019-08-07 CN CN201910727768.1A patent/CN110417807A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8745746B1 (en) * | 2012-03-07 | 2014-06-03 | Symantec Corporation | Systems and methods for addressing security vulnerabilities on computing devices |
CN103944896A (en) * | 2014-04-16 | 2014-07-23 | 广东电网公司信息中心 | Smart power grid safety protection system |
CN107547229A (en) * | 2016-06-29 | 2018-01-05 | 南京联成科技发展股份有限公司 | A kind of implementation method of the safe operation management platform intelligent control based on big data |
CN106789982A (en) * | 2016-12-08 | 2017-05-31 | 北京立思辰新技术有限公司 | A kind of safety protecting method being applied in industrial control system and system |
CN106982229A (en) * | 2017-05-10 | 2017-07-25 | 南京南瑞继保电气有限公司 | The network security supervisory systems and collaboration monitoring and managing method of a kind of layered distribution type collaboration |
CN109639634A (en) * | 2018-11-05 | 2019-04-16 | 杭州安恒信息技术股份有限公司 | A kind of Internet of Things adaptive security means of defence and system |
CN110012469A (en) * | 2019-04-29 | 2019-07-12 | 四川英得赛克科技有限公司 | A kind of hotspot legitimacy quick discrimination method under industrial control condition |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10841867B2 (en) | Network connection method and user equipment | |
US8230502B1 (en) | Push alert system, method, and computer program product | |
CN1972297B (en) | Computerized system and method for policy-based content filtering | |
JP4718216B2 (en) | Program, client authentication request method, server authentication request processing method, client, and server | |
CN109981344A (en) | Scan method, device and network forwarding equipment | |
US20040006618A1 (en) | Network construction system | |
CN105391687A (en) | System and method for supplying information security operation service to medium-sized and small enterprises | |
CN109804610B (en) | Method and system for limiting data traffic transmission of network enabled devices | |
CN105684391A (en) | Automated generation of label-based access control rules | |
CN103179100B (en) | A kind of method and apparatus preventing domain name system Tunnel Attack | |
SA519400979B1 (en) | Activity-Triggered Provisioning of Portable Wireless Networks | |
US11711241B2 (en) | Techniques for utilizing multiple network interfaces for a cloud shell | |
CN110661670A (en) | Network equipment configuration management method and device | |
CN109067807A (en) | Safety protecting method, device and electronic equipment based on WEB application firewall overload | |
CN103413083A (en) | Security defending system for single host | |
US8812693B2 (en) | System and method of implementing aggregated virtual private network (VPN) settings through a simplified graphical user interface (GUI) | |
CN105897475B (en) | A kind of remote configuring method and router of router | |
CN106453333B (en) | The firewall rule creation method and device of virtual platform | |
CN107707557A (en) | Anonymous access method, apparatus, the network equipment and readable storage medium storing program for executing | |
CN105187446B (en) | A kind of home gateway detection and the system and method for shielding user's business of networking | |
CN106162718A (en) | A kind of WiFi network access detection method and device | |
US8239941B1 (en) | Push alert system, method, and computer program product | |
CN110417807A (en) | Quickly disposition Internet of Things illegally accesses the method and device of assets | |
CN103457934B (en) | Virus defense method based on gateway device, gateway device and server | |
CN109358508A (en) | One kind being based on self study industrial control host safety protecting method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191105 |