CN111131173A - Method for actively providing service by intranet - Google Patents
Method for actively providing service by intranet Download PDFInfo
- Publication number
- CN111131173A CN111131173A CN201911220507.7A CN201911220507A CN111131173A CN 111131173 A CN111131173 A CN 111131173A CN 201911220507 A CN201911220507 A CN 201911220507A CN 111131173 A CN111131173 A CN 111131173A
- Authority
- CN
- China
- Prior art keywords
- host
- intranet
- extranet
- network
- connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000004891 communication Methods 0.000 claims abstract description 15
- 238000012544 monitoring process Methods 0.000 claims abstract description 6
- 238000012545 processing Methods 0.000 claims description 7
- 230000007246 mechanism Effects 0.000 claims description 3
- 230000008569 process Effects 0.000 description 14
- 230000005540 biological transmission Effects 0.000 description 10
- 230000004044 response Effects 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 3
- 238000002955 isolation Methods 0.000 description 3
- 238000005034 decoration Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a method for actively providing services by an intranet, which comprises an intranet host and an extranet host, wherein the extranet host is provided with a monitoring feedback module; when the intranet host sends a connectable data packet to the extranet host and adds a connectable record to the network connection pool, the extranet host acquires the connectable data packet and selects an available connection from the network connection pool, and then the intranet host and the extranet host establish network communication; the intranet connection can simultaneously initiate a plurality of connection data packets to be connected with a plurality of extranet hosts; and after the external network host acquires the data packets of all the internal network hosts, returning the network links to the connection pool, and uniformly arranging and reusing or destroying the connection in the connection pool. The invention provides a method for actively providing calling service of an external network host by an internal network, thereby realizing real-time exchange of data and information of the internal network and the external network under the safety requirement.
Description
The application is a method for actively providing calling service of an external network host by an internal network, and is a divisional application of a patent with application number 201610915145.3.
Technical Field
The invention relates to the field of message transmission between an internal network and an external network of a gateway in the Internet, in particular to the transmission of messages which are transmitted between the internal network and the external network in real time and are actively transmitted through the internal network.
Background
With the continuous development of internet technology, the internet has penetrated into all aspects of social life as an infrastructure, and becomes one of the main ways for publicly releasing and acquiring information. In addition, with the rise and development of internet applications such as e-commerce and cloud computing, the internet is gradually developing into an infrastructure with open distributed computing functions. However, due to the openness and complexity of the internet environment, the security of internet-based applications represented by Web applications is threatened unprecedentedly, and although many organizations adopt protection tools such as firewalls, intrusion detection systems and intrusion prevention systems and measures such as safer cryptography to ensure the security, attack reports of the internet still appear endlessly, so that all levels of organizations are serious in the security doubt of the internet.
At present, the need for data exchange between high-security networks and other low-security networks of some special institutional departments or enterprise and public institution technologies is increasingly evident, and for safety reasons, in order to ensure the security of sensitive data information and prevent the sensitive information on an internal server from being leaked, tampered, destroyed, monitored or invaded by viruses, a "physical isolation" mode is usually adopted, that is, two servers are arranged inside a system, so that an internal network and a public network are not directly or indirectly connected, but are logically connected. This means that network packets cannot flow from one network to another and that computers on trusted networks and computers on untrusted networks never have an actual connection. With the increase of services and the expansion of data volume, a device or a solution which not only meets the 'physical isolation' safety requirement but also can exchange data is established between an internal network and an external network, and the device or the solution becomes a research subject of a plurality of special institutional departments or enterprise and public institution technologies.
At present, when information exchange between two networks with different security levels is processed in China, an administrator is only allowed to manage a security isolation gatekeeper from a trust network (intranet) side, the management mode enables related data information to be operated or called only in the trust network, and the mode that an extranet accesses the intranet is not allowed, so that the calling requirement of a network (extranet) with lower security level on the information of the network (intranet) with higher security level is completely cut off, information updating is delayed, information among all the butt-joint departments is asymmetric, and the working efficiency is seriously influenced.
Disclosure of Invention
The invention provides a method for an internal network to actively provide an external network host calling service, aiming at the problems, the method enables the data of the external network and the internal network to start timely information transmission by a mode that the internal network firstly actively initiates a connection signal.
In order to solve the technical problem, the technical scheme of the name is as follows:
a method for actively providing calling service of an external network host by an internal network comprises the internal network host and the external network host, wherein the external network host is provided with a monitoring feedback module; and when the intranet host sends a connectable data packet to the extranet host and adds a connectable record to the network connection pool, the extranet host acquires the connectable data packet and selects an available connection from the network connection pool, and then the intranet host and the extranet host establish network communication.
Further, after the intranet host and the extranet host establish network communication, the extranet host sends a data packet to be processed to the intranet host, and the intranet host obtains the data packet and then analyzes and processes the data packet, and then protocols data of a required processing result and sends the data packet to the extranet host.
Further, the intranet host predefines a method attribute set for secure call, and the method attribute includes a parameter type and a parameter value.
Further, the external network host sends a protocol data packet, which includes method attributes, method parameters and user information meeting the safety call predefined by the internal network host.
Furthermore, the intranet host is provided with a cache mechanism, and when the intranet host processes a data packet sent by the same extranet host for multiple times within a certain time, the intranet host directly returns the cached first processing result of the intranet host to the extranet host.
Furthermore, the intranet host and the extranet host are in different network segments.
Furthermore, the intranet host can actively send a connectable data packet at any time.
Further, the intranet connection may initiate connection of multiple connection data packets with multiple extranet hosts at the same time.
Further, the connection pool may set a maximum connection number, a minimum connection number, and a free connection number.
Further, after the external network host acquires all the data packets of the internal network host, the network link is returned to the connection pool, and the connection pool is uniformly arranged to reuse or destroy the connection.
Compared with the prior art, the invention has the advantages that:
1, a traditional passive message transmission mode is that an intranet server monitors a service port, passively waits for a client to send a network request and accordingly, and at the moment, the intranet service port is exposed and is easy to attack; the active mode of the invention is that the intranet server does not monitor any service port, is actively connected by the intranet server, and then receives the request of the client and corresponds to the request. In this mode, the intranet server does not expose any port, and therefore the completeness is high.
2, if a denial of service (DDoS) attack is applied in the traditional passive message transmission mode, it cannot continue or continuously provide service to the client. The initiative of the invention can not be attacked by denial of service (DDoS) at all, and can provide continuous uninterrupted service.
While conventional passive services are vulnerable to spoofed connections and attacks, the active service of the present invention cannot spoof because it actively provides a specific client connection.
And 4, the maximum connection number, the minimum connection number and the idle connection number are automatically set, so that the access amount is controlled, the server is prevented from being maliciously attacked, and the access on the new connection can be quickly responded due to the setting of the idle connection.
5, the connection of the internal and external networks is uniformly destroyed and reused, so that the redundancy is reduced.
Drawings
FIG. 1 is a flowchart of a method for an intranet to actively provide an extranet host calling service according to the present invention;
FIG. 2 is a schematic structural diagram of a method for actively providing an external network host calling service by an internal network according to the present invention;
fig. 3 is a schematic diagram of data transmission of an intranet and extranet host according to the method for actively providing an extranet host call service by an intranet of the present invention.
Detailed Description
The invention is further described with reference to the following figures and detailed description.
As shown in fig. 1, a method for an intranet to actively provide an external network host calling service includes an intranet host and an external network host, where the intranet host and the external network host are in different network segments. The outer net host is provided with a monitoring feedback module, and the inner net host is not provided with the monitoring feedback module; when the intranet host sends a connectable data packet to the extranet host, a connectable record (not shown in the figure) is added to the network connection pool, and the connection pool can set a maximum connection number, a minimum connection number and an idle connection number, so that malicious access is limited and guaranteed through the idle connection number, and when a new user is connected in, an enough channel is provided for access connection. Because the outer net host is provided with the monitoring feedback module, the outer net host can immediately know that the inner net access connection can not be carried out. The outer net host acquires the connectable data packet through the connection pool under the condition that the outer net host needs to access, the inner net host corresponding to the inner net can automatically learn whether the connection is successful at the moment, and the inner net host and the outer net host establish network communication at the moment. If the intranet host does not know that the extranet host is connected with the intranet host, the intranet host automatically selects to stop the service and finish the service, or continuously sends a connectable data packet to wait for the access of the extranet host. The intranet host can actively send the connectable data packets at any time to provide connection access for the extranet host, and the intranet host can initiate a plurality of connection data packets to be respectively connected with a plurality of extranet hosts.
After network communication is established, the external network host waits for the service request information of the user, and when the service request information input by the user is obtained. As shown in fig. 3, the communication module of the extranet host sends a data packet to the intranet host, where the data packet includes the method attribute, the method parameter and the user information according to the security call predefined by the intranet host. After the intranet host acquires the data packet, analyzing and processing according to a predefined security calling method attribute set, wherein the method attribute comprises a parameter type and a parameter value. The intranet host machine carries out data agreement on the required processing result and sends a service response to the extranet host machine. The outer net host receives and processes the content of the service response, and after the outer net host acquires all the data packets of the inner net host, the outer net host returns the network link to the connection pool, and the connection pool uniformly arranges the connection for reuse or destroys the connection so as to reduce redundancy. And after initializing the network, the external network host waits for the next user service access and acquires the connection from the connection pool. If the intranet host fails to process the service request successfully provided by the extranet host, a corresponding exception processing result is returned and sent to the extranet host.
Further, as an optimization, the intranet host is provided with a cache mechanism, and when the intranet host processes a data packet sent by the same extranet host for multiple times within a certain time, the intranet host directly returns a cached first-time processing result of the intranet host to the extranet host. This will greatly increase the response rate, giving the user a faster and better experience.
As shown in fig. 2, when the private network transmits information to the public internet for interaction, as with the external network host, only the internal network host acquires the user who accesses through the public internet, and the unspecified user does not have a corresponding method attribute set for secure invocation and does not provide corresponding response information. The user accessed by the public internet can establish corresponding response information only by sending a data packet which is predefined by the in-band network host and is in agreement with the method attribute, the method parameter and the user information for safe calling. Generally, the authentication is performed through a user name and a password of the user, and the authentication can be provided for the intranet through the corresponding equipment such as a web shield and the like through response information built in the equipment, so that the intranet determines whether to respond to the access of the user.
As shown in fig. 3, the intranet host and the extranet host both include a service module and a communication module. When the connection is not established, the intranet host initiates a process a1 from the service module, sends the process a2 to the communication module of the intranet host, and sends a connectable data packet to the communication module of the extranet host by the process a 2. The communication module of the extranet host receives the packet by the a3 process and decides whether to initiate a connection request if necessary. When a connection request needs to be initiated, a service module of the external network host starts a B1 process, information is transmitted to a communication module of the external network host, a process B2 is initiated by combining a user module, a safety calling method attribute, a method parameter and a data packet of user information are sent to a transmission module in the communication module of the internal network host, the transmission module initiates a process B3 to a delivery module and starts a B4 process, data transmitted by the external network host is sent to the service module of the internal network host, whether the information is responded is determined by the service module of the internal network host, and processes B5, B6, B7 and B8 are established in sequence according to the original path to feed back the response information.
Example 1:
in the external network host, the tax manager needs to connect to the tax bureau local intranet at the internet end to inquire the tax income statistical table in this month. At this moment, corresponding login information of the input user needs to be confirmed, the system searches the accessible tax bureau intranet host through the connection pool, and if the access is successful, communication connection is established. If the connection mode of the host in the tax bureau is not accessible in the connection pool, the tax bureau can only wait, and the corresponding information to be inquired can not be accessed. The tax administrator can input the corresponding content to be inquired after establishing communication through the internet end connection success, so as to obtain the tax income statistical table in the month from the tax office intranet host. The input inquired content, the logged user information and the password are transmitted to a transmission module of the tax bureau internal network host through an AES encryption algorithm, and the encrypted information is transmitted to a delivery module for decryption through a user module of the external network host. Because the tax administrator only inquires, only the read-only database of the internal network host of the tax bureau is accessed to inquire the corresponding authorized service data. And the tax bureau internal network host encrypts the inquired information by an AES encryption algorithm through the delivery module, transmits the information to the transmission module, and feeds back the information to the corresponding external network host. The external network host acquires the feedback information through the user module, decrypts the feedback information, feeds the information back to the service module of the external network host, and presents the 'monthly tax income statistical table' to be inquired. The external network host has no other service request, and returns the connection mode to the connection pool by acquiring all the service information to be inquired.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and decorations can be made without departing from the spirit of the present invention, and these modifications and decorations should also be regarded as being within the scope of the present invention.
Claims (4)
1. A method for actively providing service by an intranet is characterized by comprising an intranet host and an extranet host, wherein the extranet host is provided with a monitoring feedback module; when the intranet host sends a connectable data packet to the extranet host and adds a connectable record to the network connection pool, the extranet host acquires the connectable data packet and selects an available connection from the network connection pool, and then the intranet host and the extranet host establish network communication;
the intranet connection can simultaneously initiate a plurality of connection data packets to be connected with a plurality of extranet hosts; and after the external network host acquires the data packets of all the internal network hosts, returning the network links to the connection pool, and uniformly arranging and reusing or destroying the connection in the connection pool.
2. The method according to claim 1, wherein the intranet host is configured with a cache mechanism, and when there are multiple data packets sent by the same extranet host within a certain time period, the intranet host directly returns the cached first processing result of the intranet host to the extranet host.
3. The method according to claim 2, wherein the intranet host and the extranet host are in different network segments.
4. The method according to claim 1, wherein the connection pool is configured to set a maximum number of connections, a minimum number of connections, and a number of idle connections.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911220507.7A CN111131173B (en) | 2016-10-20 | 2016-10-20 | Method for actively providing service by intranet |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911220507.7A CN111131173B (en) | 2016-10-20 | 2016-10-20 | Method for actively providing service by intranet |
| CN201610915145.3A CN106453336B (en) | 2016-10-20 | 2016-10-20 | Method for internal network to actively provide external network host calling service |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610915145.3A Division CN106453336B (en) | 2016-10-20 | 2016-10-20 | Method for internal network to actively provide external network host calling service |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111131173A true CN111131173A (en) | 2020-05-08 |
| CN111131173B CN111131173B (en) | 2022-09-30 |
Family
ID=58175707
Family Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911220506.2A Active CN111131172B (en) | 2016-10-20 | 2016-10-20 | Method for actively calling service by intranet |
| CN201911220507.7A Active CN111131173B (en) | 2016-10-20 | 2016-10-20 | Method for actively providing service by intranet |
| CN201610915145.3A Active CN106453336B (en) | 2016-10-20 | 2016-10-20 | Method for internal network to actively provide external network host calling service |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911220506.2A Active CN111131172B (en) | 2016-10-20 | 2016-10-20 | Method for actively calling service by intranet |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610915145.3A Active CN106453336B (en) | 2016-10-20 | 2016-10-20 | Method for internal network to actively provide external network host calling service |
Country Status (1)
| Country | Link |
|---|---|
| CN (3) | CN111131172B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110943937B (en) * | 2018-09-21 | 2023-04-11 | 金山云(深圳)边缘计算科技有限公司 | Local area network equipment utilization method and device |
| CN113596085A (en) * | 2021-06-24 | 2021-11-02 | 阿里云计算有限公司 | Data processing method, system and device |
| CN115442416A (en) * | 2022-08-31 | 2022-12-06 | 上海奇夜语网络科技有限公司 | Cross-network communication method, device and communication network |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020162026A1 (en) * | 2001-02-06 | 2002-10-31 | Michael Neuman | Apparatus and method for providing secure network communication |
| CN101136797A (en) * | 2007-09-28 | 2008-03-05 | 深圳市利谱信息技术有限公司 | Detection of inside and outside network physical connection, on-off control method and device for using the same |
| US20090222535A1 (en) * | 2006-05-30 | 2009-09-03 | Haisheng Ni | Internet Access Server for Isolating the Internal Network from the External Network and A Process Method thereof |
| CN103077196A (en) * | 2012-12-25 | 2013-05-01 | 宁波公众信息产业有限公司 | Access method from public network WEB (World Wide Web) to intranet database |
| CN105279263A (en) * | 2015-10-23 | 2016-01-27 | 国网信息通信产业集团有限公司 | Database connection system and method capable of supporting multi-application sharing |
| CN105991520A (en) * | 2015-01-29 | 2016-10-05 | 朗新科技股份有限公司 | Inner/outer network interaction method and system |
Family Cites Families (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6898599B2 (en) * | 2001-10-26 | 2005-05-24 | Sun Microsystems, Inc. | Method and system for automated web reports |
| CN101834878B (en) * | 2010-01-29 | 2012-08-29 | 陈时军 | Multiuser system privilege management method and instant messaging system applying same |
| CN201854302U (en) * | 2010-11-09 | 2011-06-01 | 福州宙斯盾信息技术有限公司 | Active anti-disclosure based network security system |
| CN102075527A (en) * | 2010-12-30 | 2011-05-25 | 合肥恒卓科技有限公司 | Internet data communication system and communication method thereof |
| CN102143174A (en) * | 2011-03-25 | 2011-08-03 | 北京数码视讯软件技术发展有限公司 | Method and system for implementing remote control between Intranet and Internet host computers |
| CN102263993A (en) * | 2011-09-02 | 2011-11-30 | 上海文广互动电视有限公司 | User information management method for interactive studio |
| CN102820994A (en) * | 2012-08-20 | 2012-12-12 | 广州易宝信息技术有限公司 | Data exchange device and data exchange method for network isolation environment |
| CN104184774B (en) * | 2013-05-24 | 2017-12-26 | 阿里巴巴集团控股有限公司 | A kind of information processing method and system based on sandbox environment |
| CN103747099A (en) * | 2014-01-23 | 2014-04-23 | 浪潮电子信息产业股份有限公司 | Remote control method capable of realizing automatic connection |
| CN104901928A (en) * | 2014-03-07 | 2015-09-09 | 中国移动通信集团浙江有限公司 | Data interaction method, device and system |
| CN104935619B (en) * | 2014-03-20 | 2018-07-03 | 上海宝信软件股份有限公司 | network service method based on middleware |
| CN105282128B (en) * | 2014-08-29 | 2018-10-16 | 中国科学院信息工程研究所 | A kind of two-way call method and system based on long connection |
-
2016
- 2016-10-20 CN CN201911220506.2A patent/CN111131172B/en active Active
- 2016-10-20 CN CN201911220507.7A patent/CN111131173B/en active Active
- 2016-10-20 CN CN201610915145.3A patent/CN106453336B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020162026A1 (en) * | 2001-02-06 | 2002-10-31 | Michael Neuman | Apparatus and method for providing secure network communication |
| US20090222535A1 (en) * | 2006-05-30 | 2009-09-03 | Haisheng Ni | Internet Access Server for Isolating the Internal Network from the External Network and A Process Method thereof |
| CN101136797A (en) * | 2007-09-28 | 2008-03-05 | 深圳市利谱信息技术有限公司 | Detection of inside and outside network physical connection, on-off control method and device for using the same |
| CN103077196A (en) * | 2012-12-25 | 2013-05-01 | 宁波公众信息产业有限公司 | Access method from public network WEB (World Wide Web) to intranet database |
| CN105991520A (en) * | 2015-01-29 | 2016-10-05 | 朗新科技股份有限公司 | Inner/outer network interaction method and system |
| CN105279263A (en) * | 2015-10-23 | 2016-01-27 | 国网信息通信产业集团有限公司 | Database connection system and method capable of supporting multi-application sharing |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111131172A (en) | 2020-05-08 |
| CN106453336B (en) | 2019-12-10 |
| CN111131172B (en) | 2022-08-26 |
| CN106453336A (en) | 2017-02-22 |
| CN111131173B (en) | 2022-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8925036B2 (en) | Secure enterprise network | |
| JP4911018B2 (en) | Filtering apparatus, filtering method, and program causing computer to execute the method | |
| US20080178278A1 (en) | Providing A Generic Gateway For Accessing Protected Resources | |
| US20080196099A1 (en) | Systems and methods for detecting and blocking malicious content in instant messages | |
| KR101992976B1 (en) | A remote access system using the SSH protocol and managing SSH authentication key securely | |
| EP4236206B1 (en) | Actively monitoring encrypted traffic by inspecting logs | |
| US8826014B2 (en) | Authentication of remote host via closed ports | |
| US20040109518A1 (en) | Systems and methods for a protocol gateway | |
| AU2003239220A1 (en) | Systems and methods for a protocol gateway | |
| CN111131173B (en) | Method for actively providing service by intranet | |
| Jingyao et al. | Securing a network: how effective using firewalls and VPNs are? | |
| CN107317816A (en) | A kind of method for network access control differentiated based on client application | |
| EP3459224B1 (en) | Web server security | |
| CN114661485A (en) | Application program interface access control system and method based on zero trust architecture | |
| CN114024767B (en) | Method for constructing password definition network security system, system architecture and data forwarding method | |
| CN113612790B (en) | Data security transmission method and device based on equipment identity pre-authentication | |
| US20060168239A1 (en) | Secure client/server data transmission system | |
| US9779222B2 (en) | Secure management of host connections | |
| KR20150114921A (en) | System and method for providing secure network in enterprise | |
| Pujolle et al. | Secure session management with cookies | |
| KR101818508B1 (en) | System, method and computer readable recording medium for providing secure network in enterprise | |
| KR101992985B1 (en) | An access control system of controlling hard-coded passwords and commands for enhancing security of the servers | |
| WO2008086224A2 (en) | Systems and methods for detecting and blocking malicious content in instant messages | |
| Affia et al. | Securing an MQTT-based Traffic Light Perception System for Autonomous Driving | |
| US20240154986A1 (en) | Providing identity protection |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A method for proactively providing services within an internal network Granted publication date: 20220930 Pledgee: Zhejiang Hangzhou Yuhang Rural Commercial Bank Co.,Ltd. Science and Technology City Branch Pledgor: HANGZHOU FUGLE TECHNOLOGY CO.,LTD. Registration number: Y2024980030832 |