CN110602115B - Security decision method and system based on micro-service - Google Patents
Security decision method and system based on micro-service Download PDFInfo
- Publication number
- CN110602115B CN110602115B CN201910887912.8A CN201910887912A CN110602115B CN 110602115 B CN110602115 B CN 110602115B CN 201910887912 A CN201910887912 A CN 201910887912A CN 110602115 B CN110602115 B CN 110602115B
- Authority
- CN
- China
- Prior art keywords
- decision
- message
- decision maker
- application system
- request message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The invention relates to a security decision method and a system based on micro-service, wherein the method provides a message distributor and a decision device which are arranged between a user terminal and an application system, and a message input process comprises the following steps: the user side sends a request message to the message distributor; the message distributor forwards the request message to the decision maker; the decision maker processes the request message and obtains a decision conclusion; the decision maker returns a decision conclusion to the message distributor; the message distributor judges whether the request message belongs to the attack behavior according to the decision conclusion; if the request message is judged to belong to the attack behavior, returning standard error information to the user side; and if the request message is judged not to belong to the attack behavior, transmitting the request message into an application system. The invention can enable the application system to have the protection capability of the application layer logic safety problem without redesigning the safety design, and avoids the risk of data cut-over of a redesigned and online new system.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a security decision method and a security decision system based on micro-service.
Background
With the rapid development of information technology, various internet application services (mainly web application systems) are increasing, and with the lapse of time, security problems are also accompanying.
Many small-scale web applications or long-term network systems are not designed with a security architecture, and the lack of the security architecture at the application layer may cause the application layer to generate some unique logic security problems, for example: security risks such as counterfeiting, unauthorized use, process jumping, denial of service, information leakage, repudiation, etc. are out of control. For example, many web applications do not redefine output data during development, so that the output data brings out some sensitive data; for example, the following steps are carried out: personal information is output, and password field should not be output in principle, but many websites are convenient to develop, output data is not repackaged, and then personal information class packages are sent out together, so that the password field is brought, and information leakage is caused.
Traditional firewalls or security solutions mainly solve some general-purpose problems, such as network security problems, component vulnerability problems, middleware configuration problems, general application security problems, such as xss, injection, etc.; while the logical problems unique to the application layer are not covered. With the rapid development of information technology and the low-end of hacker technology, the solution of these risks is inevitable.
The above prior art solutions have the following drawbacks:
1. to solve these security problems, enterprises need to re-optimize each interface of a product, which requires a large amount of workload and frequently restarts the system; or redesign the product architecture, but at a high cost;
2. in a conventional security framework, security check is generally implemented in a serial manner, and a general process is to input check sensitive words, authenticate the input check sensitive words and then authenticate the input check sensitive words, so that the problems caused by the following steps are that: a. the performance may have a bottleneck due to an excessively long security check flow; b. when the safety verification of the front end does not pass, the verification of the back end is not carried out;
3. in later use, when a new safety protection function needs to be added, each interface of the product needs to be optimized again or the product architecture needs to be redesigned.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a security decision method and a security decision system based on microservice, wherein security modules such as an authentication device, an authentication device and the like are added into the existing web application through the setting of a message distributor and a decision device, so that the whole web application is not required to be redesigned.
The above object of the present invention is achieved by the following technical solutions:
a security decision method based on micro service provides a message distributor and a decision device arranged between a user terminal and an application system, and a message input process comprises the following steps:
s01: the user side sends a request message to the message distributor;
s02: the message distributor forwards the request message to the decision maker;
s03: the decision maker processes the request message and obtains a decision conclusion;
s04: the decision maker returns the decision conclusion to the message distributor;
s05: the message distributor judges whether the request message belongs to an attack behavior according to the decision conclusion;
s06: if the request message is judged to belong to the attack behavior, returning to the standard error information of the user side;
s07: and if the request message is judged not to belong to the attack behavior, transmitting the request message into the application system.
By adopting the technical scheme, the application system can have the protection capability of the application layer logic safety problem without redesigning the application system, and the risk of data cut-over of a redesigned and online new system is avoided.
The invention is further configured to: the decision device comprises an authenticator, a safety process engine, a sensitive information filtering engine or a safety log record sub-module.
By adopting the technical scheme, the decision maker comprises various safety protection modules, and one or more safety protection modules can be selectively selected to protect the application system.
The invention is further configured to: the safety process engine is a service module realized based on BPM business process modeling.
By adopting the technical scheme, the BPM business process modeling is used for ensuring that each step of the business process is not skipped.
The invention is further configured to: the sensitive information filtering engine is a service module realized based on a sensitive word filtering algorithm.
By adopting the technical scheme, the sensitive word filtering algorithm specifically comprises the following steps: and configuring a sensitive word library, searching in request information input by the user terminal, judging whether the sensitive words exist, and if so, reporting an error and prompting that the user terminal cannot input the sensitive words.
The invention is further configured to: and each sub-module of the decision maker adopts parallel processing.
By adopting the technical scheme, the problem that some submodules do not play a role can not occur by adopting parallel processing, so that all the submodules can play a role simultaneously.
The invention is further configured to: the parallel processing specifically comprises: the general processing module of the decision maker directly distributes the input request message to each sub-module, the sub-modules do not influence each other and work independently, then the respective processing results are reported to the general processing module, and the general processing module obtains the decision conclusion according to the processing results.
By adopting the technical scheme, the total processing module collects and combines the information processed by each sub-module to obtain a decision conclusion.
The invention is further configured to: the message input process also comprises the step of deploying the decision maker, and the method comprises the following steps:
s11: configuring a configuration file of the decision maker, forming a session mechanism for accessing the application system, and initializing to synchronize user information data;
s12: acquiring an interface list of the application system by using a scanning tool or an agent tool so as to confirm the interface range of the application system which is covered by the decision maker;
s13: configuring a database of the decision maker so as to perfect decision rules of the decision maker and an interface range of an application system to be covered;
s14: configuring a configuration file of the decision maker to perfect interface synchronization of user management, and when a user management event occurs, synchronizing the state of a corresponding user by the decision maker according to a request;
s15: configuring the decision device on the message distributor as a debug mode;
s16: testing whether all interfaces realize decision-making capability and debugging;
s17: and when all the interfaces realize the decision capability, modifying the decision maker mode on the configuration item of the message distributor into a work mode, enabling the decision maker to take effect, and enabling the message distributor to definitely transmit the request message of the user to the application system or not according to the decision conclusion of the decision maker.
By adopting the technical scheme, the service requirement is assumed to be the rbac authentication model, and the current authentication model does not meet the requirement, the decision maker needs to be deployed firstly.
The invention is further configured to: when a new safety protection mechanism needs to be added, a new decision maker is added, and the IP address information of the new decision maker is configured into the message distributor.
By adopting the technical scheme, the new decision maker is deployed in a bypass mode, and all modules of the original decision maker are not affected.
The invention is further configured to: the method also comprises a message output flow, and comprises the following steps:
s21: the application system returns response data to the message distributor;
s22: the message distributor forwards the response data to the decision maker;
s23: the decision maker processes the response data;
s24: the decision-making device returns the processed response data to the message distributor;
s25: and the message distributor returns the processed response data to the user side.
By adopting the technical scheme, the decision maker processes the response data of the application system, and sensitive information in the application system database is prevented from being leaked.
The second aim of the invention is realized by the following technical scheme:
a security decision system based on micro-services comprises a message distributor and a decision device, wherein the message distributor and the decision device are arranged between a user side and an application system, a request message sent to the application system by the user side and response data returned to the user side by the application system are both sent to the message distributor, the message distributor is communicated with the decision device, the decision device carries out decision and processing on the request message and the response data and returns the decision and processing results to the message distributor, and the message distributor sends the request message to the application system or sends the response data to the user side according to the decision and processing results.
By adopting the technical scheme, the application system can have the protection capability of the application layer logic safety problem without redesigning the application system, and the risk of data cut-over of a redesigned and online new system is avoided.
In conclusion, the beneficial technical effects of the invention are as follows:
1. aiming at the depreciation product, the application system can have the protection capability of the application layer logic safety problem without re-designing the application system, and the risk of re-designing and cutting and connecting the data of an online new system is avoided;
2. the sub-modules of the decision device are parallel, and the parallel has the advantages that: a. performance is not problematic; b. the problem that some decision maker submodules do not play a role is solved, and all the decision maker submodules can play a role at the same time;
3. in later use, when a new safety protection function needs to be added, only a new decision maker needs to be added, the new decision maker is deployed by-pass and has no influence on all original decision makers, all decision makers are loosely coupled, and all decision makers are also loosely coupled to historical products (web application systems).
Drawings
Fig. 1 is a message input flow diagram of the present invention.
Fig. 2 is a message output flow diagram of the present invention.
Fig. 3 is a schematic block diagram of the system of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings.
Referring to fig. 1, for the security decision method based on microservice disclosed by the present invention, a message distributor and a decision device are provided and arranged between a user side and an application system, and a message input process includes the following steps:
s01: the user side sends a request message to the message distributor;
s02: the message distributor forwards the request message to the decision maker;
s03: the decision maker processes the request message and obtains a decision conclusion;
s04: the decision maker returns the decision conclusion to the message distributor;
s05: the message distributor judges whether the request message belongs to an attack behavior according to the decision conclusion;
s06: if the request message is judged to belong to the attack behavior, returning to the standard error information of the user side;
s07: and if the request message is judged not to belong to the attack behavior, transmitting the request message into the application system.
Preferably, the decision maker includes various safety protection modules, such as an authenticator, a parameter checker, a safety flow engine, a sensitive information filtering engine, or a safety log record, and may selectively select one or more safety protection modules to protect the application system. The standard error information includes information whether each sub-module passes, for example, the authentication result of the authenticator module shows that the request message contains the unauthorized attack behavior, and the error information is returned to the user side authenticator that the authentication result does not pass.
The authenticator is used for preventing the behavior of directly accessing the system without authentication; the authenticator is used for preventing the same-level user from accessing information or interfaces which other users can access (based on different models, such as rbac, hac and the like), or the low-level user from accessing information or interfaces which high-level users can access; the participating verifier is used for preventing dos attack of an application layer, or injection, or various unknown logic bugs; the sensitive information filtering engine is used for preventing sensitive or private information from leaking; sensitive content filtering is also included for preventing entry of information related to politically sensitive content; the security log record is used to prevent user repudiation.
The safety Process engine is a service module realized based on BPM (Business Process modeling), and the Process control realized based on the Process cannot be bypassed by a user, so that the Process skipping attack is prevented. For example, in a payment scenario, the process of making an order, paying, and shipping is generally performed; in the case of an application system which is not designed with flow control, after an order is made, a user may directly initiate a delivery request by skipping the payment step through an attack means, which results in the loss of payment for the merchant. The application system realized by the bpm flow model has no problem; the safety flow engine is a service for realizing the bpm model, and judges whether the model is matched or not by comparing the url context with the model.
The sensitive information filtering engine is a service module implemented based on a sensitive word filtering algorithm, for example: the output is personal information, in principle, the field password should not be output, and the sensitive information filtering engine of the decision maker replaces the field password with 'x' according to a configured rule, so that the field password is 'x' in the response message. The test means is as follows: for example, if the password field is leaked, whether the response message has a plaintext password can be checked by using an agent such as bursusite or by using the F12 function of the browser.
Each submodule of the decision maker adopts parallel processing; the parallel processing specifically comprises: the general processing module of the decision maker directly distributes the input request message to each sub-module, the sub-modules do not influence each other and work independently, then the respective processing results are reported to the general processing module, and the general processing module obtains the decision conclusion according to the processing results.
The message input process also comprises the step of deploying the decision maker, and the method comprises the following steps:
s11: configuring a configuration file of the decision maker, forming a session mechanism for accessing the application system, and initializing to synchronize user information data;
s12: acquiring an interface list of the application system by using a scanning tool or an agent tool so as to confirm the interface range of the application system which is covered by the decision maker; when the interfaces of the application system are many, the interfaces can be sequentially covered by each module of the decision maker according to business requirements, stages and importance sequence.
S13: configuring a database of the decision maker (each sub-module) so as to perfect decision rules of the decision maker and an interface range of an application system to be covered;
s14: configuring a configuration file of the decision maker (each sub-module) to perfect interface synchronization of user management, and when a user management event occurs, synchronizing the state of a corresponding user (such as whether the user is deleted) by the decision maker (each sub-module) according to a request;
s15: configuring the decision maker (each sub-module) on the message distributor to be in a debug mode (the debug mode represents that a decision conclusion of the message distributor on each sub-module of the decision maker is not taken as a conclusion whether the message is finally transmitted or not, but a relevant log is recorded);
s16: testing whether all interfaces realize decision-making capability and debugging;
s17: and when all the interfaces realize the decision capability, modifying the decision maker mode on the configuration item of the message distributor into a work mode, enabling the decision maker to take effect, and enabling the message distributor to definitely transmit the request message of the user to the application system or not according to the decision conclusion of the decision maker.
Because the invention is based on microservice, when a new safety protection mechanism needs to be added or a new decision maker module needs to be developed on the spot based on business, the new decision maker can be inserted into the system only by adding a new decision maker and configuring the IP address information of the new decision maker into the message distributor, and the whole process does not need to be stopped. When the new decision maker needs to be deleted, the new decision maker can be directly closed, the decision maker total processing module has an alarm message, and then a manager waits for processing; there are several ways for the administrator to handle:
1. the problem that the new decision maker is damaged is solved;
2. the IP address of the new decision maker is deleted at the message distributor and then the new decision maker is deleted at the decision maker aggregate processing module.
Referring to fig. 2, a message output flow is further included, including the following steps:
s21: the application system returns response data to the message distributor;
s22: the message distributor forwards the response data to the decision maker;
s23: the decision maker processes the response data;
s24: the decision-making device returns the processed response data to the message distributor;
s25: and the message distributor returns the processed response data to the user side.
Referring to fig. 3, the present embodiment provides a security decision system based on microservice, including a message distributor and a decision maker, where the message distributor and the decision maker are disposed between a user side and an application system, a request message sent by the user side to the application system and response data returned by the application system to the user side are both sent to the message distributor, the message distributor communicates with the decision maker, the decision maker makes a decision on and processes the request message and the response data and returns the decision to the message distributor, and the message distributor sends the request message to the application system or sends the response data to the user side according to a result of the decision and the processing.
The decision maker comprises various safety protection modules (an authenticator, a safety process engine, a sensitive information filtering engine, a safety log record and other sub-modules), and can selectively select one or more safety protection modules to protect the application system.
The embodiments of the present invention are preferred embodiments of the present invention, and the scope of the present invention is not limited by these embodiments, so: all equivalent changes made according to the structure, shape and principle of the invention are covered by the protection scope of the invention.
Claims (7)
1. A security decision method based on micro service is characterized in that a message distributor and a decision device are provided and arranged between a user side and an application system, and a message input process comprises the following steps:
s01: the user side sends a request message to the message distributor;
s02: the message distributor forwards the request message to the decision maker;
s03: the decision maker processes the request message and obtains a decision conclusion;
s04: the decision maker returns the decision conclusion to the message distributor;
s05: the message distributor judges whether the request message belongs to an attack behavior according to the decision conclusion;
s06: if the request message is judged to belong to the attack behavior, returning to the standard error information of the user side;
s07: if the request message is judged not to belong to the attack behavior, the request message is transmitted to the application system;
the decision maker comprises various safety protection modules, an authenticator, a parameter-entering checker, a safety flow engine, a sensitive information filtering engine or safety log record sub-modules, and one or more safety protection modules are selected to protect the application system;
each submodule of the decision maker adopts parallel processing; the parallel processing specifically comprises: the general processing module of the decision maker directly distributes the input request message to each sub-module, the sub-modules do not influence each other and work independently, then the respective processing results are reported to the general processing module, and the general processing module obtains the decision conclusion according to the processing results; the standard error information includes information whether each sub-module passes or not.
2. The microservice-based security decision-making method of claim 1, wherein: the safety process engine is a service module realized based on BPM business process modeling.
3. The microservice-based security decision-making method of claim 1, wherein: the sensitive information filtering engine is a service module realized based on a sensitive word filtering algorithm.
4. The microservice-based security decision-making method according to claim 1, wherein the message input process further comprises deploying the decision-maker, comprising the steps of:
s11: configuring a configuration file of the decision maker, forming a session mechanism for accessing the application system, and initializing to synchronize user information data;
s12: acquiring an interface list of the application system by using a scanning tool or an agent tool so as to confirm the interface range of the application system which is covered by the decision maker;
s13: configuring a database of the decision maker so as to perfect decision rules of the decision maker and an interface range of an application system to be covered;
s14: configuring a configuration file of the decision maker to perfect interface synchronization of user management, and when a user management event occurs, synchronizing the state of a corresponding user by the decision maker according to a request;
s15: configuring the decision device on the message distributor as a debug mode;
s16: testing whether all interfaces realize decision-making capability and debugging;
s17: and when all the interfaces realize the decision capability, modifying the decision maker mode on the configuration item of the message distributor into a work mode, enabling the decision maker to take effect, and enabling the message distributor to definitely transmit the request message of the user to the application system or not according to the decision conclusion of the decision maker.
5. The microservice-based security decision-making method of claim 1, wherein: when a new safety protection mechanism needs to be added, a new decision maker is added, and the IP address information of the new decision maker is configured into the message distributor.
6. The microservice-based security decision-making method of claim 1, wherein: the method also comprises a message output flow, and comprises the following steps:
s21: the application system returns response data to the message distributor;
s22: the message distributor forwards the response data to the decision maker;
s23: the decision maker processes the response data;
s24: the decision-making device returns the processed response data to the message distributor;
s25: and the message distributor returns the processed response data to the user side.
7. A microservice-based security decision system, comprising: the system comprises a message distributor and a decision maker, wherein the message distributor and the decision maker are arranged between a user side and an application system, a request message sent to the application system by the user side and response data returned to the user side by the application system are both sent to the message distributor, the message distributor is communicated with the decision maker, the decision maker makes a decision on and processes the request message and the response data to obtain a decision conclusion and returns the decision conclusion to the message distributor, and the message distributor sends the request message to the application system or sends the response data to the user side according to the decision and processing result; the decision maker comprises various safety protection modules, an authenticator, a parameter-entering checker, a safety flow engine, a sensitive information filtering engine or safety log record sub-modules, and one or more safety protection modules are selected to protect the application system; each submodule of the decision maker adopts parallel processing; the parallel processing specifically comprises: the general processing module of the decision maker directly distributes the input request message to each sub-module, the sub-modules do not influence each other and work independently, then the respective processing results are reported to the general processing module, and the general processing module obtains the decision conclusion according to the processing results.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910887912.8A CN110602115B (en) | 2019-09-19 | 2019-09-19 | Security decision method and system based on micro-service |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910887912.8A CN110602115B (en) | 2019-09-19 | 2019-09-19 | Security decision method and system based on micro-service |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110602115A CN110602115A (en) | 2019-12-20 |
| CN110602115B true CN110602115B (en) | 2022-03-29 |
Family
ID=68861293
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910887912.8A Active CN110602115B (en) | 2019-09-19 | 2019-09-19 | Security decision method and system based on micro-service |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110602115B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247395A (en) * | 2008-03-13 | 2008-08-20 | 武汉理工大学 | ISAPI access control system for Session ID fully transparent transmission |
| CN104994104A (en) * | 2015-07-06 | 2015-10-21 | 浙江大学 | Server fingerprint mimicry and sensitive information mimicry method based on WEB security gateway |
| CN106982231A (en) * | 2017-05-12 | 2017-07-25 | 王振辉 | A kind of inside threat real-time detection method based on Agent |
| CN107491858A (en) * | 2017-07-05 | 2017-12-19 | 北京科东电力控制系统有限责任公司 | A kind of electric power transaction platform based on micro services application architecture |
| CN109673232A (en) * | 2018-11-02 | 2019-04-26 | 中国农业大学 | A kind of wisdom trickle irrigation cloud service management system based on micro services framework |
| CN110149397A (en) * | 2019-05-20 | 2019-08-20 | 湖北亿咖通科技有限公司 | A kind of micro services integration method and device |
-
2019
- 2019-09-19 CN CN201910887912.8A patent/CN110602115B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247395A (en) * | 2008-03-13 | 2008-08-20 | 武汉理工大学 | ISAPI access control system for Session ID fully transparent transmission |
| CN104994104A (en) * | 2015-07-06 | 2015-10-21 | 浙江大学 | Server fingerprint mimicry and sensitive information mimicry method based on WEB security gateway |
| CN106982231A (en) * | 2017-05-12 | 2017-07-25 | 王振辉 | A kind of inside threat real-time detection method based on Agent |
| CN107491858A (en) * | 2017-07-05 | 2017-12-19 | 北京科东电力控制系统有限责任公司 | A kind of electric power transaction platform based on micro services application architecture |
| CN109673232A (en) * | 2018-11-02 | 2019-04-26 | 中国农业大学 | A kind of wisdom trickle irrigation cloud service management system based on micro services framework |
| CN110149397A (en) * | 2019-05-20 | 2019-08-20 | 湖北亿咖通科技有限公司 | A kind of micro services integration method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110602115A (en) | 2019-12-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109286632B (en) | Block chain-based big data authorization and evidence-storing method and system | |
| US9077746B2 (en) | Tool, method and apparatus for assessing network security | |
| CN107196951A (en) | The implementation method and firewall system of a kind of HDFS systems fire wall | |
| Salim | Cyber safety: A systems thinking and systems theory approach to managing cyber security risks | |
| CN106878250B (en) | Cross-application single-state login method and device | |
| CN109446259B (en) | Data processing method and device, processor and storage medium | |
| JP2008257738A (en) | Method of identifying application user as source of database activity | |
| Shrivas et al. | Hybrid security framework for blockchain platforms | |
| US20160105417A1 (en) | Computer network security management system and method | |
| CN112632496B (en) | SaaS application integration platform and application method thereof | |
| CN110602115B (en) | Security decision method and system based on micro-service | |
| CN109753769A (en) | A kind of software authorization method and system based on block chain | |
| Singanamalla et al. | Telechain: Bridging telecom policy and blockchain practice | |
| CN114329395A (en) | Supply chain financial privacy protection method and system based on block chain | |
| Grillenmeier | Ransomware–one of the biggest threats facing enterprises today | |
| Hamdi et al. | Vulnerabilities and attacks assessments in blockchain 1.0, 2.0 and 3.0: tools, analysis and countermeasures | |
| Tejaswi et al. | All your IoT devices are belong to us: Security weaknesses in IoT management platforms | |
| Gruschka et al. | Information Quality Challenges in Industry 4.0. | |
| Narang et al. | Severity measure of issues creating vulnerabilities in websites using two way assessment technique | |
| CN115514548B (en) | Method and device for guaranteeing Internet application safety | |
| van Oorschot et al. | Security concepts and principles | |
| Qose et al. | Enhancing Trust in 5G | |
| Bays et al. | FIC Vulnerability Profile | |
| Prasher | Security Assurance of REST API based applications | |
| Ahonen et al. | Information security threats and solutions in the mobile world |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220906 Address after: Room 601-06, floor 6, block B, building 1, No. 3, Desheng Middle Road, Beijing Economic and Technological Development Zone, Daxing District, Beijing 100176 Patentee after: BEIJING XINHE YONGTAI TECHNOLOGY CO.,LTD. Address before: 210012 Room 403, unit 2, building 16, shengjingfang, Chunjiang new town, Yuhuatai District, Nanjing, Jiangsu Province Patentee before: Zheng Mingda |