CN111277607A - Communication tunnel module, application monitoring module and mobile terminal security access system - Google Patents


Publication number
CN111277607A
Authority
CN
China
Prior art keywords
mobile terminal
mobile
application
data
application program
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010093006.3A
Other languages
Chinese (zh)
Inventor
赵高峰
黄进
刘锐
缪巍巍
李洋
张明轩
樊进
何莉媛
孙琦
孟伟伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Nari Information and Communication Technology Co
Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
Nari Information and Communication Technology Co
Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Application filed by State Grid Corp of China SGCC, Nari Information and Communication Technology Co, and Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Priority to CN202010093006.3A
Publication of CN111277607A
Legal status: Pending

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272: Virtual private networks
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/16: Implementing security features at a particular protocol layer
    • H04L63/166: Implementing security features at a particular protocol layer at the transport layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a communication tunnel module, an application monitoring module and a mobile terminal security access system. The system comprises a mobile terminal and an intranet application server that communicate with each other, together with the communication tunnel module and the application monitoring module; information between the mobile terminal and the intranet application module is transmitted through the communication tunnel module. The communication tunnel module performs security authentication before the mobile terminal accesses the intranet application server and encrypts the transmission of important data after access. The application monitoring module monitors the application programs installed on the mobile terminal. The advantages are as follows: the invention closely monitors the application programs installed on user equipment and constructs a mobile terminal security access system, which addresses the data transmission risks of traditional mobile terminals, the distribution risks of mobile applications and similar problems; in addition, a dedicated communication channel secures the whole process of remote access by the mobile terminal, making the system better suited to practical power grid environments.

Description

Communication tunnel module, application monitoring module and mobile terminal security access system
Technical Field
The invention relates to a communication tunnel module, an application monitoring module and a mobile terminal security access system, and belongs to the technical field of mobile information.
Background
Mobile networks are evolving rapidly, and mobile devices are exposed to a wide variety of network attacks when they connect. It is difficult for managers to control the terminal equipment that staff use to log in to the enterprise intranet. With the large-scale use of mobile terminals, the boundary of network security is becoming increasingly blurred, and implanted viruses, trojans and malicious programs allow data on the mobile terminal to be spied on and sensitive data to be maliciously acquired, which poses a great threat to the whole enterprise system. Centralized management and control of mobile devices, protection of sensitive enterprise information and assurance of connection security are therefore the problems that access protection for enterprise mobile terminals needs to solve.
Disclosure of Invention
The technical problem to be solved by the invention is to overcome the defects of the prior art and provide a communication tunnel module, an application monitoring module and a mobile terminal security access system.
In order to solve the technical problem, the invention provides a communication tunnel module for transmitting information between a mobile terminal and an intranet application server;
the module is also used to perform security authentication before the mobile terminal accesses the intranet application server and to encrypt the transmission of important data after access.
Further, an SSL VPN encryption channel is adopted, and a security authentication mode is added on top of the SSL protocol in that channel.
Further, the security authentication mode is that the mobile terminal accesses the security access platform in the communication tunnel module through a unique IP obtained in advance, and through that platform accesses the intranet data.
Further, the transmission of important data after access is encrypted as follows:
an encrypted link is established between the mobile terminal and the VPN gateway in the SSL VPN encryption channel using the SM2 encryption algorithm, and data transmission is encrypted.
An application monitoring module is used to monitor the application programs installed on a mobile terminal when the mobile terminal accesses an intranet application server.
Further, the mobile terminal comprises an application service layer, a support service layer, a device service layer and a data security service layer;
when the mobile terminal accesses the data service of the enterprise intranet, a mobile application program of the application service layer of the mobile terminal is started first, and the support service layer judges, according to the mobile trusted unit, whether the started mobile application program is trusted; if it is trusted, the mobile application program is allowed to access the enterprise intranet through the device service layer and data is transmitted through the data security service layer; otherwise access is not allowed.
Further, the mobile application program provides the user with an operation interface and an intrusion detection function; it also collects sensitive information when the user accesses the intranet application server and transmits it to the IDS of the data security service layer for security access, the sensitive information comprising data content, a user ID and a device number.
Further, the mobile trusted unit calls a trusted software stack to make service requests and uses the whitelist mechanism of the detection mechanism; once a mobile application program or device number on the blacklist is found, the management background has the right to prohibit the mobile application program from starting; after the mobile application program has started correctly, the user enters the enterprise user name and password in a secure mode to transmit data.
A mobile terminal security access system comprises a mobile terminal and an intranet application server, and further comprises the communication tunnel module and the application monitoring module;
the mobile terminal monitors the application programs installed on it through the application monitoring module, and after the mobile application program has started correctly, the mobile terminal exchanges information with the intranet application server through the communication tunnel module.
The invention achieves the following beneficial effects:
by constructing a mobile terminal security access system, the invention removes the data transmission risks of traditional mobile terminals; by adopting a dedicated communication channel, it secures the whole process of remote access by the mobile terminal and is better suited to actual power grid environments.
Drawings
FIG. 1 is a secure tunnel access model;
FIG. 2 is a security access protection architecture;
FIG. 3 is a diagram of a mobile application platform system;
FIG. 4 is a process of identity authentication between an enterprise terminal and an information network;
FIG. 5 is a schematic diagram of an experimental architecture.
Detailed Description
In order to make the objects, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the embodiments described below are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The technical scheme of the invention is further explained by the specific implementation mode in combination with the attached drawings.
A communication tunnel module is used for transmitting information between a mobile terminal and an intranet application server;
the module is also used to perform security authentication before the mobile terminal accesses the intranet application server and to encrypt the transmission of important data after access.
An SSL VPN encryption channel is adopted, and a security authentication mode is added on top of the SSL protocol in that channel.
The security authentication mode is that the mobile terminal accesses the security access platform in the communication tunnel module through a unique IP obtained in advance, and through that platform accesses the intranet data.
The transmission of important data after access is encrypted as follows:
an encrypted link is established between the mobile terminal and the VPN gateway in the SSL VPN encryption channel using the SM2 encryption algorithm, and data transmission is encrypted.
An application monitoring module is used to monitor the application programs installed on a mobile terminal when the mobile terminal accesses an intranet application server.
The mobile terminal comprises an application service layer, a support service layer, a device service layer and a data security service layer;
when the mobile terminal accesses the data service of the enterprise intranet, a mobile application program of the application service layer of the mobile terminal is started first, and the support service layer judges, according to the mobile trusted unit, whether the started mobile application program is trusted; if it is trusted, the mobile application program is allowed to access the enterprise intranet through the device service layer and data is transmitted through the data security service layer; otherwise access is not allowed.
The mobile application program provides the user with an operation interface and an intrusion detection function; it also collects sensitive information when the user accesses the intranet application server and transmits it to the IDS of the data security service layer for security access, the sensitive information comprising data content, a user ID and a device number.
The mobile trusted unit calls a trusted software stack to make service requests and uses the whitelist mechanism of the detection mechanism; once a mobile application program or device number on the blacklist is found, the management background has the right to prohibit that mobile application program or device number from starting; after the mobile application program has started correctly, the user enters the enterprise user name and password in a secure mode to transmit data.
A mobile terminal security access system comprises a mobile terminal and an intranet application server, and further comprises the communication tunnel module and the application monitoring module;
the mobile terminal monitors the application programs installed on it through the application monitoring module, and after the mobile application program has started correctly, the mobile terminal exchanges information with the intranet application server through the communication tunnel module.
In the embodiment of the secure access system for the electric power mobile terminal, common mobile devices include an encrypted TF card, a mobile smart phone and a tablet computer. The mobile terminal is also equipped with a VPN product that encrypts the tunnel between the mobile terminal and the secure access area, to prevent information leakage and illegal access and to protect data integrity, thereby securing the whole process of remote access by the mobile terminal. The deployment of the overall architecture is shown in FIG. 5.
Establishing a secure communication tunnel:
In the online access mode of the mobile device, the connection to the intranet application server faces serious security risks. The APN/VPDN access protection provided by the operator only secures access between the mobile device and the mobile operator. To secure data transmission, the transmission of important data between the mobile device and the information network must be encrypted. As shown in FIG. 1, the invention adopts an all-round security protection model based on a layered architecture: public data and negotiation data are transmitted through an unencrypted VPN gateway; the SM2 encryption algorithm is adopted, and an encrypted link to the VPN gateway is established through the USB or SD/TF encryption card used by the mobile device, so that data transmission is encrypted. This strengthens the secure transmission of mobile data and effectively prevents enterprise information from being stolen or leaked in transit.
Mobile security access protection:
The security access protection of the mobile device in the invention is applied at three layers, namely the mobile device, the communication tunnel and the application, and embodies the idea of layer-by-layer defense in depth. Protection at these three layers gives comprehensive protection of data transmission by the mobile device during and after access and secures the enterprise information intranet. FIG. 2 shows the security access protection system of a mobile terminal in detail: it is divided into three levels, terminal security protection, communication channel security protection and application security protection. Terminal security protection is aimed mainly at the various physical access terminals of the information external network, and terminal-layer protection is one of the important protection measures of the mobile security access platform. The terminal is protected by four means: a digital certificate, security client software, an encryption card and a secure communication module. PKI certificate encryption is performed at the secure terminal layer, and the encrypted data are transmitted to the communication channel security protection layer through the established APN channel. The communication channel security protection layer provides security access services for the various terminals and is a core component of the system. In this layer, the mobile application access platform sets up a security access area that separates the enterprise internal network from the operator network and buffers access between them.
The application security protection layer securely connects the interface of the mobile security access platform to the application data interface, so that data exchange, interaction and filtering between the terminal and the application system are more secure and service access requirements are met.
Functional modules of the mobile client:
As an information system, the application program system effectively addresses the development defects behind threats such as SQL injection, buffer overflow, malicious code implantation, abuse of administrator privileges and incomplete data backup strategies. The enterprise's mobile business applications and employees' personal applications coexist on one terminal device, which gives an attacker the opportunity to access personal information, enterprise data and sensitive information, and even to tamper with data, affecting the secure operation of the business system.
As shown in fig. 3, the logical framework of the mobile application platform of the present invention can be roughly divided into four layers: the support service layer comprises unified business support application modules of authority management, role management, configuration management, message management, automatic account checking, data synchronization, flow management, log management and the like; the equipment service layer comprises modules of terminal management, identity authentication, access control and the like; the data security service layer provides basic services such as data security transmission and security storage, including PKI, KMI, encryption, decryption, digital certificate service and the like.
When the mobile terminal accesses the data service of the enterprise intranet, a mobile application program of the application service layer is started. Through the support service layer, the enterprise administrator provides the mobile applications and the mobile trusted unit used by enterprise employees. The mobile terminal App provides the user with an operation interface (GUI) and a basic intrusion detection (IDS) function; it also collects sensitive information, including data content, user ID and device number, when the user accesses the enterprise intranet and transmits it to the IDS of the data security service layer for security access. When the App accesses the intranet via terminal device authentication, a trusted software stack is called to make the service request and the whitelist mechanism of the detection mechanism is used; once an App or device number on the blacklist is found, the management background has the right to prohibit it from starting. After the App has started correctly, the user can enter information such as the enterprise user name and password in a secure mode to transmit data.
The system manages application programs by category: applications to be uploaded can be classified as security protection, news and information, traffic and navigation, finance and financial management, utilities, communication, dictionary and translation, electronic office, education and reading, affairs management, system tools, and browsers. The system supports independent uploading and unified management of Android and iOS applications, can strictly monitor the applications installed on employee devices, and can apply blacklist/whitelist technology to filter out all malicious programs on the blacklist.
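An added example (not part of the patent) of the launch decision described above: a blacklisted device number or application vetoes the start, and anything not on the whitelist is denied by default. The package names, the signer-digest pinning and the reason strings are assumptions made for illustration.

```python
"""Launch gate modelled on the mobile trusted unit: blacklist veto, whitelist default-deny."""
from dataclasses import dataclass
from typing import NamedTuple


class Decision(NamedTuple):
    allowed: bool
    reason: str


@dataclass(frozen=True)
class AppIdentity:
    package: str        # application identifier reported by the terminal
    signer_digest: str  # assumption: hex digest of the app's signing certificate


@dataclass(frozen=True)
class TrustPolicy:
    app_whitelist: dict          # package -> expected signer digest
    app_blacklist: frozenset     # packages banned by the management background
    device_blacklist: frozenset  # device numbers banned by the management background


def evaluate_launch(policy, app, device_number):
    """Decide whether one application may start on one device."""
    # A blacklist hit on either the device or the app vetoes the launch outright.
    if device_number in policy.device_blacklist:
        return Decision(False, "device-blacklisted")
    if app.package in policy.app_blacklist:
        return Decision(False, "app-blacklisted")
    # Default deny: an app nobody has approved is not trusted.
    expected = policy.app_whitelist.get(app.package)
    if expected is None:
        return Decision(False, "app-not-whitelisted")
    # A whitelisted name with the wrong signer is treated as a repackaged app.
    if expected.lower() != app.signer_digest.lower():
        return Decision(False, "signer-mismatch")
    return Decision(True, "trusted")


def audit_installed(policy, installed, device_number):
    """Return (package, reason) for every installed app that would be refused."""
    findings = []
    for app in installed:
        decision = evaluate_launch(policy, app, device_number)
        if not decision.allowed:
            findings.append((app.package, decision.reason))
    return findings


# Constructed sample data, not taken from the patent.
SAMPLE_POLICY = TrustPolicy(
    app_whitelist={"com.example.grid.inspection": "ab" * 32},
    app_blacklist=frozenset({"com.example.flashlight.free"}),
    device_blacklist=frozenset({"DEV-LOST-0007"}),
)
SAMPLE_INSTALLED = [
    AppIdentity("com.example.grid.inspection", "ab" * 32),
    AppIdentity("com.example.flashlight.free", "cd" * 32),
    AppIdentity("com.example.notes", "ef" * 32),
]

if __name__ == "__main__":
    for package, reason in audit_installed(SAMPLE_POLICY, SAMPLE_INSTALLED, "DEV-0001"):
        print(f"refused: {package} ({reason})")
```
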
User identity authentication:
When access is made over a mobile operator's public network (such as CDMA/GPRS/3G), every data exchange between the front end and the enterprise intranet is a process of securely accessing mobile terminal data. The mobile terminal obtains an IP to access the security access platform and thereby the intranet data; the terminal device submits an access request to the security access platform together with identity verification information, and then exchanges data securely with the intranet system under the platform's security checks, authentication, communication data encryption and other security measures. FIG. 4 details the identity authentication process for secure access by an enterprise terminal. The mobile terminal opens the application software and, after the security check passes, enters the secure access link; the two communicating parties on the link are the mobile terminal and the network equipment of the enterprise network. First, the secure mobile access terminal sends an access request to the security access gateway and initiates a wireless connection; the mobile terminal and the access gateway perform handshake negotiation to establish a secure communication channel, during which both parties carry out algorithm negotiation and key transmission. If the communication tunnel is established successfully, the next step is executed; otherwise a handshake failure error is returned, and the terminal reconnects or exits. After the connection succeeds, authentication parameters are exchanged through the communication tunnel, and the mobile terminal device is then authenticated by "mobile phone number + device number". If authentication succeeds, synchronous transmission of data begins; otherwise an authentication failure error is returned, and the terminal re-authenticates or exits.
A shared key for data encryption is exchanged through the communication tunnel to establish a data channel. If the data channel is established successfully, the next step is executed; otherwise a data channel setup failure error is returned, and the terminal reconnects or exits. After receiving a data packet, the security access gateway decrypts it and forwards it to the access controller. The access controller filters the packets and selects a suitable sending-side one-way transmission device to pass them to the corresponding intranet application system. When communication is finished, the mobile terminal sends a FIN message to disconnect and empties its cache. The security access gateway waits for a period of time after receiving the FIN message and then empties the session.
The mobile device establishes a wireless access channel with the operator and then connects to the information network through that channel. After the channel is connected, the mobile terminal and the security device in the information network should authenticate each other, and certificate authentication should confirm that both sides are trusted. Finally, the two parties establish an encrypted, secure data transmission channel on the basis of a key agreement mechanism, and mutual identity authentication ensures that the mobile device's access to the information network is secure and reliable.
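The access sequence of FIG. 4 as a gateway-side state machine, added here as an example and not taken from the patent: each step is refused unless the previous one succeeded, and the session is emptied a fixed time after FIN. The retry limit, the linger time, the class and method names and the sample enrolment data are assumptions; tunnel cryptography is out of scope and is represented by the caller's inputs.

```python
"""Gateway-side session state machine for the access sequence described for FIG. 4."""
from enum import Enum, auto


class State(Enum):
    IDLE = auto()           # no tunnel yet
    TUNNEL_UP = auto()      # handshake negotiation succeeded
    AUTHENTICATED = auto()  # phone number + device number accepted
    DATA_CHANNEL = auto()   # shared data key exchanged
    LINGER = auto()         # FIN received, waiting before the session is emptied
    CLOSED = auto()


class AccessError(Exception):
    """A step was attempted out of order, or a step failed."""


class GatewaySession:
    MAX_AUTH_ATTEMPTS = 3  # assumption: the text only says "re-authenticate or exit"
    LINGER_SECONDS = 30    # assumption: the text only says "a period of time"

    def __init__(self, enrolled, allowed_apps):
        self.state = State.IDLE
        self.enrolled = enrolled          # set of (phone_number, device_number)
        self.allowed_apps = allowed_apps  # intranet applications this terminal may reach
        self.auth_failures = 0
        self.data_key = None
        self.linger_until = None
        self.forwarded = []               # stands in for the one-way transmission device

    def _require(self, *states):
        if self.state not in states:
            raise AccessError(f"step not allowed in state {self.state.name}")

    def handshake(self, negotiated_ok):
        self._require(State.IDLE)
        if not negotiated_ok:
            # State stays IDLE so the terminal can reconnect or exit.
            raise AccessError("handshake failure")
        self.state = State.TUNNEL_UP

    def authenticate(self, phone_number, device_number):
        self._require(State.TUNNEL_UP)
        if (phone_number, device_number) in self.enrolled:
            self.state = State.AUTHENTICATED
            return True
        self.auth_failures += 1
        if self.auth_failures >= self.MAX_AUTH_ATTEMPTS:
            self._purge()  # stop unlimited guessing of number pairs
        return False

    def open_data_channel(self, shared_key):
        self._require(State.AUTHENTICATED)
        if not shared_key:
            raise AccessError("data channel setup failure")
        self.data_key = shared_key
        self.state = State.DATA_CHANNEL

    def on_packet(self, dest_app, payload):
        self._require(State.DATA_CHANNEL)
        # Decryption with self.data_key would happen here (out of scope).
        if dest_app not in self.allowed_apps:
            return False  # filtered by the access controller
        self.forwarded.append((dest_app, payload))
        return True

    def on_fin(self, now):
        self._require(State.TUNNEL_UP, State.AUTHENTICATED, State.DATA_CHANNEL)
        self.state = State.LINGER
        self.linger_until = now + self.LINGER_SECONDS

    def tick(self, now):
        """Called periodically; empties the session once the linger time has passed."""
        if self.state is State.LINGER and now >= self.linger_until:
            self._purge()

    def _purge(self):
        self.data_key = None
        self.state = State.CLOSED


if __name__ == "__main__":
    # Constructed enrolment data, not taken from the patent.
    session = GatewaySession({("000-0000-0001", "DEV-0001")}, {"inspection"})
    session.handshake(True)
    session.authenticate("000-0000-0001", "DEV-0001")
    session.open_data_channel(b"k" * 16)
    print(session.on_packet("inspection", b"reading"), session.on_packet("hr", b"x"))
```
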
Managing mobile terminal device security
The core function of mobile platform security management is the management of mobile terminals. Through the mobile security platform, an enterprise can systematically manage its employees' managed devices, which greatly improves the controllability and security of enterprise mobile management. Managing the mobile terminals avoids security risks that may arise from employees' operations on their mobile devices and prevents data leakage when a mobile terminal is lost. In a large enterprise with multiple levels of administrative organization, the branch organizations actually control and manage the mobile terminals within their administrative scope, while headquarters needs real-time knowledge of the use of mobile terminals, users and services in each branch organization. The experimental architecture is shown in FIG. 5.
Once system authentication and terminal authentication have been granted, an employee has the right to use any smart device and can access the enterprise mobile VPN portal at any time and in any network environment. Through secondary development, the service management platform and the mobile platform can be integrated, so that a specified application system can be accessed at a specified time and place. System users can be authenticated through the AD domain, through integration with an LDAP repository, or against a database.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (9)

1. A communication tunnel module is characterized in that the communication tunnel module is used for transmitting information between a mobile terminal and an intranet application server;
and the method is also used for carrying out security authentication before the mobile terminal accesses the intranet application server and encrypting the transmission of important data after the access.
2. The communication tunnel module of claim 1, wherein an SSL VPN encryption channel is used, and a security authentication method is added on the basis of an SSL protocol in the SSL VPN encryption channel.
3. The communication tunnel module of claim 2, wherein the security authentication means is that the mobile terminal accesses intranet data through a security access platform in the only IP access communication tunnel module obtained in advance by the mobile terminal.
4. The communication tunnel module of claim 1, wherein the process of encrypting the transmission of the important data after accessing is:
and establishing an encryption link between the mobile terminal and a VPN gateway in the SSL VPN encryption channel by adopting an SM2 encryption algorithm to encrypt data transmission.
5. An application monitoring module is used for monitoring an application program installed in a mobile terminal when the mobile terminal accesses an intranet application server.
6. The application monitoring module of claim 5, wherein the mobile terminal comprises an application service layer, a support service layer, a device service layer, and a data security service layer;
when the mobile terminal accesses the data service of the enterprise intranet, a mobile application program of the application service layer of the mobile terminal is started first; the support service layer judges, according to the mobile trusted unit, whether the started mobile application program is trusted; if it is trusted, the mobile application program is allowed to access the enterprise intranet through the device service layer, and data transmission is carried out through the data security service layer; otherwise, access is not allowed.
7. The application monitoring module of claim 6, wherein
the mobile application program is used for providing an operation interface and an intrusion detection function for a user; the mobile application program also collects sensitive information when the user accesses an intranet application server and transmits the sensitive information to the IDS of the data security service layer for security access, the sensitive information comprising data content, a user ID and a device number.
8. The application monitoring module of claim 6, wherein
the mobile trusted unit is used for calling a trusted software stack to make service requests and uses a white list mechanism as its detection mechanism; once a mobile application program or device number is found in a black list, the management background has the right to prohibit the mobile application program or device number from being started; and after the mobile application program is correctly started, the user inputs enterprise user name and password information in a safe mode to carry out data transmission.
9. A mobile terminal security access system, comprising a mobile terminal and an intranet application server, characterized by further comprising the communication tunnel module of any one of claims 1 to 4 and the application monitoring module of any one of claims 5 to 8;
the mobile terminal monitors the application program installed in the mobile terminal through the application monitoring module, and after the mobile application program is correctly started, the mobile terminal transmits information with the intranet application server through the communication tunnel module.
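The trust decision in claims 3, 6 and 8, sketched as gateway-side policy code; this is an added example, not code from the patent. The identifiers, sample lists, reason strings and the package-digest pin are assumptions introduced for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessRequest:
    app_id: str         # mobile application identifier (assumed format)
    app_digest: str     # SHA-256 hex of the installed package (assumption)
    device_number: str  # "device number" as named in claim 7
    source_ip: str      # address the terminal connects from


# Constructed sample policy data, not taken from the patent.
APP_WHITELIST = {"com.example.fieldops": "ab" * 32}
APP_BLACKLIST = {"com.example.sideloaded"}
DEVICE_BLACKLIST = {"DEV-0042"}
ISSUED_IP = {"DEV-0001": "10.20.0.11", "DEV-0042": "10.20.0.42"}


def admit(req: AccessRequest) -> tuple[bool, str]:
    """Default-deny admission decision: returns (allowed, reason)."""
    # A blacklist hit overrides any whitelist entry (claim 8).
    if req.app_id in APP_BLACKLIST or req.device_number in DEVICE_BLACKLIST:
        return False, "blacklisted"
    pinned = APP_WHITELIST.get(req.app_id)
    if pinned is None:
        return False, "app-not-whitelisted"
    # Assumption: pin the package digest so a renamed app cannot pass by name.
    if req.app_digest.lower() != pinned:
        return False, "app-digest-mismatch"
    issued = ISSUED_IP.get(req.device_number)
    if issued is None:
        return False, "device-not-provisioned"
    # Claim 3: the terminal must arrive from its pre-issued unique IP.
    try:
        if ipaddress.ip_address(req.source_ip) != ipaddress.ip_address(issued):
            return False, "ip-mismatch"
    except ValueError:
        return False, "malformed-ip"
    return True, "trusted"
```

A source-IP match only narrows where a request may come from; the claims pair it with the SSL VPN channel and user credentials rather than relying on it alone.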
CN202010093006.3A 2020-02-14 2020-02-14 Communication tunnel module, application monitoring module and mobile terminal security access system Pending CN111277607A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010093006.3A CN111277607A (en) 2020-02-14 2020-02-14 Communication tunnel module, application monitoring module and mobile terminal security access system

Publications (1)

Publication Number Publication Date
CN111277607A true CN111277607A (en) 2020-06-12

Family

ID=71000231

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010093006.3A Pending CN111277607A (en) 2020-02-14 2020-02-14 Communication tunnel module, application monitoring module and mobile terminal security access system

Country Status (1)

Country Link
CN (1) CN111277607A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103441991A (en) * 2013-08-12 2013-12-11 江苏华大天益电力科技有限公司 Mobile terminal security access platform
US20140029750A1 (en) * 2010-06-30 2014-01-30 Juniper Networks, Inc. Multi-service vpn network client for mobile device having integrated acceleration
CN104184735A (en) * 2014-08-26 2014-12-03 国家电网公司 Electric marketing mobile application safe protection system
CN106385404A (en) * 2016-08-31 2017-02-08 华北电力大学(保定) Construction method for power information system based on mobile terminal
CN109873834A (en) * 2019-03-22 2019-06-11 云南电网有限责任公司 A kind of enterprise-level cloud mobile application unified platform and system based on cloud computing

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111988314A (en) * 2020-08-19 2020-11-24 杭州铂钰信息科技有限公司 System architecture and method for dynamically deploying network security service
CN113473463A (en) * 2021-06-30 2021-10-01 广东纬德信息科技股份有限公司 Mobile office communication method and system
CN113783868A (en) * 2021-09-08 2021-12-10 广西东信数建信息科技有限公司 Method and system for protecting security of gate Internet of things based on commercial password
CN113783868B (en) * 2021-09-08 2023-09-01 广西东信数建信息科技有限公司 Method and system for protecting Internet of things safety of gate based on commercial password
CN114143068A (en) * 2021-11-25 2022-03-04 广东电网有限责任公司 Electric power internet of things gateway equipment container safety protection system and method thereof
CN114143068B (en) * 2021-11-25 2024-03-01 广东电网有限责任公司 Electric power internet of things gateway equipment container safety protection system and method thereof
CN114697022A (en) * 2022-03-18 2022-07-01 北京国泰网信科技有限公司 Encryption authentication method applied to power distribution network system

Similar Documents

Publication Publication Date Title
US10326756B2 (en) Management of certificate authority (CA) certificates
CN111277607A (en) Communication tunnel module, application monitoring module and mobile terminal security access system
US9781114B2 (en) Computer security system
CN105162808B (en) A kind of safe login method based on national secret algorithm
CN106100836B (en) A kind of method and system of industrial user's authentication and encryption
CN104869102B (en) Authorization method, device and system based on xAuth agreement
CN106453361B (en) A kind of security protection method and system of the network information
CN112235235A (en) SDP authentication protocol implementation method based on state cryptographic algorithm
CN104767731A (en) Identity authentication protection method of Restful mobile transaction system
CN111918284B (en) Safe communication method and system based on safe communication module
CN110336788B (en) Data security interaction method for Internet of things equipment and mobile terminal
CN104202338A (en) Secure access method applicable to enterprise-level mobile applications
CN109547402B (en) Data protection method and device, electronic equipment and readable storage medium
JP2017152880A (en) Authentication system, key processing coordination method, and key processing coordination program
CN103095731A (en) REST security system based on signature mechanism
CN109101811B (en) Operation, maintenance and audit method of controllable Oracle session based on SSH tunnel
CN102811225A (en) Method and switch for security socket layer (SSL) intermediate agent to access web resource
CN104486322B (en) Terminal access authentication authorization method and terminal access authentication authoring system
CN109150906A (en) A kind of real-time data communication safety method
CN112016073A (en) Method for constructing server zero trust connection architecture
CN114697963A (en) Terminal identity authentication method and device, computer equipment and storage medium
CN102316119B (en) Security control method and equipment
CN116248302A (en) SSL VPN communication tunnel module, application monitoring module and mobile terminal safety access system
Chen Network security protection technology under the background of computing big data
Dincer et al. Big data security: Requirements, challenges and preservation of private data inside mobile operators

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200612
