CN110719277B - 基于一次性访问凭据的网络设备安全访问的系统和方法 - Google Patents
基于一次性访问凭据的网络设备安全访问的系统和方法 Download PDFInfo
- Publication number
- CN110719277B CN110719277B CN201910944247.1A CN201910944247A CN110719277B CN 110719277 B CN110719277 B CN 110719277B CN 201910944247 A CN201910944247 A CN 201910944247A CN 110719277 B CN110719277 B CN 110719277B
- Authority
- CN
- China
- Prior art keywords
- network equipment
- authentication
- user
- server
- bastion
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/08—Protocols specially adapted for terminal emulation, e.g. Telnet
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Telephonic Communication Services (AREA)
Abstract
Description
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910944247.1A CN110719277B (zh) | 2019-09-30 | 2019-09-30 | 基于一次性访问凭据的网络设备安全访问的系统和方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910944247.1A CN110719277B (zh) | 2019-09-30 | 2019-09-30 | 基于一次性访问凭据的网络设备安全访问的系统和方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110719277A CN110719277A (zh) | 2020-01-21 |
CN110719277B true CN110719277B (zh) | 2022-01-04 |
Family
ID=69211283
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910944247.1A Active CN110719277B (zh) | 2019-09-30 | 2019-09-30 | 基于一次性访问凭据的网络设备安全访问的系统和方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110719277B (zh) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111756729B (zh) * | 2020-06-23 | 2022-06-17 | 北京网瑞达科技有限公司 | 网络资源访问方法、装置、计算机设备和存储介质 |
CN114157438A (zh) * | 2020-08-18 | 2022-03-08 | 深圳富桂精密工业有限公司 | 网络设备管理方法、装置及计算机可读存储介质 |
CN113079164B (zh) * | 2021-04-02 | 2023-03-24 | 江苏保旺达软件技术有限公司 | 堡垒机资源的远程控制方法、装置、存储介质及终端设备 |
CN114006751B (zh) * | 2021-10-29 | 2024-06-11 | 广东宜教通教育有限公司 | 一种使用临时认证码的校园系统单点登录方法 |
CN114257436B (zh) * | 2021-12-16 | 2024-02-09 | 杭州乒乓智能技术有限公司 | 适用于堡垒机的访问安全管理方法、系统、电子设备和可读存储介质 |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102333090A (zh) * | 2011-09-28 | 2012-01-25 | 辽宁国兴科技有限公司 | 一种内控堡垒主机及安全访问内网资源的方法 |
CN102857520A (zh) * | 2012-10-11 | 2013-01-02 | 德讯科技股份有限公司 | 一种字符终端Telnet协议安全访问系统及方法 |
CN105847307A (zh) * | 2015-01-12 | 2016-08-10 | 北京神州泰岳信息安全技术有限公司 | 一体化运维方法及系统 |
CN106657011A (zh) * | 2016-11-22 | 2017-05-10 | 深圳市掌世界网络科技有限公司 | 一种业务服务器授权安全访问方法 |
CN106789029A (zh) * | 2017-01-04 | 2017-05-31 | 浙江神州量子网络科技有限公司 | 一种基于量子堡垒机的审计系统和审计方法以及量子堡垒机系统 |
CN106888084A (zh) * | 2017-01-04 | 2017-06-23 | 浙江神州量子网络科技有限公司 | 一种量子堡垒机系统及其认证方法 |
CN106936817A (zh) * | 2017-02-16 | 2017-07-07 | 上海帝联信息科技股份有限公司 | 操作执行方法、跳板机、集群认证服务器和堡垒机系统 |
CN109818938A (zh) * | 2018-12-29 | 2019-05-28 | 广东电网有限责任公司 | 一种it运维双因素认证系统及方法 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001069417A2 (en) * | 2000-03-17 | 2001-09-20 | Siemens Aktiengesellschaft | Plant maintenance technology architecture |
-
2019
- 2019-09-30 CN CN201910944247.1A patent/CN110719277B/zh active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102333090A (zh) * | 2011-09-28 | 2012-01-25 | 辽宁国兴科技有限公司 | 一种内控堡垒主机及安全访问内网资源的方法 |
CN102857520A (zh) * | 2012-10-11 | 2013-01-02 | 德讯科技股份有限公司 | 一种字符终端Telnet协议安全访问系统及方法 |
CN105847307A (zh) * | 2015-01-12 | 2016-08-10 | 北京神州泰岳信息安全技术有限公司 | 一体化运维方法及系统 |
CN106657011A (zh) * | 2016-11-22 | 2017-05-10 | 深圳市掌世界网络科技有限公司 | 一种业务服务器授权安全访问方法 |
CN106789029A (zh) * | 2017-01-04 | 2017-05-31 | 浙江神州量子网络科技有限公司 | 一种基于量子堡垒机的审计系统和审计方法以及量子堡垒机系统 |
CN106888084A (zh) * | 2017-01-04 | 2017-06-23 | 浙江神州量子网络科技有限公司 | 一种量子堡垒机系统及其认证方法 |
CN106936817A (zh) * | 2017-02-16 | 2017-07-07 | 上海帝联信息科技股份有限公司 | 操作执行方法、跳板机、集群认证服务器和堡垒机系统 |
CN109818938A (zh) * | 2018-12-29 | 2019-05-28 | 广东电网有限责任公司 | 一种it运维双因素认证系统及方法 |
Non-Patent Citations (5)
Title |
---|
"Bridging the Cloud Trust Gap: Using ORCON Policy to Manage Consumer Trust between Different Clouds";S. S. Kirkman and R. Newman;《2017 IEEE International Conference on Edge Computing (EDGE), Honolulu, HI, USA》;20171231;82-89页 * |
"Cloud-based Mission Observation, Response, Exploitation (CMORE) System";P. Hershey, C. B. Silio, A. Narayan and S. Rao;《2014 IEEE International Systems Conference Proceedings, Ottawa, ON, Canada》;20141231;317-324页 * |
"基于权限细分的安全云计算服务关键技术与系统";崔冬;《中国优秀硕士论文全文数据库(电子期刊)信息科技辑》;20180415(第4期);I139-289页 * |
基于应用代理的运维堡垒机研究;吴耀芳等;《微型电脑应用》;20130820(第08期);38-40页 * |
运维安全管理系统设计;吕宗健;《信息系统工程》;20150220(第02期);70-71页 * |
Also Published As
Publication number | Publication date |
---|---|
CN110719277A (zh) | 2020-01-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110719276B (zh) | 基于缓存密码的网络设备安全访问的系统及其工作方法 | |
CN110719277B (zh) | 基于一次性访问凭据的网络设备安全访问的系统和方法 | |
CN109120620B (zh) | 一种服务器管理方法及系统 | |
CN108901022B (zh) | 一种微服务统一鉴权方法及网关 | |
CN106330816B (zh) | 一种登录云桌面的方法和系统 | |
CN105027493B (zh) | 安全移动应用连接总线 | |
JP6121049B2 (ja) | プロキシを使用したリソースへの安全なアクセス | |
CN100596361C (zh) | 信息系统或设备的安全防护系统及其工作方法 | |
CN107122674B (zh) | 一种应用于运维审计系统的oracle数据库的访问方法 | |
US7334126B1 (en) | Method and apparatus for secure remote access to an internal web server | |
CN101714918A (zh) | 一种登录vpn的安全系统以及登录vpn的安全方法 | |
CN102065059A (zh) | 安全访问控制方法、客户端及系统 | |
US11784993B2 (en) | Cross site request forgery (CSRF) protection for web browsers | |
CN109547402B (zh) | 数据保护方法、装置、电子设备和可读存储介质 | |
CN111277607A (zh) | 通信隧道模块、应用监控模块及移动终端安全接入系统 | |
CN112039873A (zh) | 一种单点登录访问业务系统的方法 | |
US20210377224A1 (en) | Secure and auditable proxy technology using trusted execution environments | |
CN111526150A (zh) | 关于单集群或多集群云电脑远程运维端口零信任自动化规则放行平台及放行方法 | |
US10931662B1 (en) | Methods for ephemeral authentication screening and devices thereof | |
Chi et al. | Design and implementation of OpenStack cloud platform identity management scheme | |
CN113114464B (zh) | 统一安全管理系统及身份认证方法 | |
KR101404537B1 (ko) | 패스워드 자동 변경을 통한 서버 접근 통제 시스템 및 그 방법 | |
CN114900372B (zh) | 基于零信任安全哨兵体系的资源防护系统 | |
You et al. | Research and design of web single sign-on scheme | |
KR100640106B1 (ko) | 네트워크 가드 시스템 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information | ||
CB03 | Change of inventor or designer information |
Inventor after: Wang Daojia Inventor after: Wang Junyan Inventor after: Cluster Inventor before: Wang Daojia Inventor before: Weng Yuan Inventor before: Cluster |
|
CB03 | Change of inventor or designer information | ||
CB03 | Change of inventor or designer information |
Inventor after: Deng Yuting Inventor after: Wang Peng Inventor after: Wang Daojia Inventor after: Wang Junyan Inventor after: Cluster Inventor before: Wang Daojia Inventor before: Wang Junyan Inventor before: Cluster |
|
GR01 | Patent grant | ||
GR01 | Patent grant |