CN111371765A - Online heterogeneous communication method and system based on link blocking - Google Patents
Online heterogeneous communication method and system based on link blocking Download PDFInfo
- Publication number
- CN111371765A CN111371765A CN202010122125.7A CN202010122125A CN111371765A CN 111371765 A CN111371765 A CN 111371765A CN 202010122125 A CN202010122125 A CN 202010122125A CN 111371765 A CN111371765 A CN 111371765A
- Authority
- CN
- China
- Prior art keywords
- user
- link
- data
- communication link
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004891 communication Methods 0.000 title claims abstract description 115
- 230000000903 blocking effect Effects 0.000 title claims abstract description 42
- 238000000034 method Methods 0.000 title claims abstract description 33
- 230000005540 biological transmission Effects 0.000 claims description 57
- 230000003287 optical effect Effects 0.000 claims description 17
- 238000013475 authorization Methods 0.000 claims description 7
- 230000001360 synchronised effect Effects 0.000 claims description 6
- 238000004458 analytical method Methods 0.000 claims description 4
- 238000002955 isolation Methods 0.000 description 18
- 230000003993 interaction Effects 0.000 description 7
- 238000003860 storage Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 3
- 230000007547 defect Effects 0.000 description 2
- 238000001914 filtration Methods 0.000 description 2
- 238000013508 migration Methods 0.000 description 2
- 230000005012 migration Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000001681 protective effect Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 238000004140 cleaning Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000003032 molecular docking Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 231100000048 toxicity data Toxicity 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Abstract
The invention provides an online heterogeneous communication method and system based on link blocking, wherein the online heterogeneous communication method based on link blocking comprises the following steps: receiving data sent by a first user based on a first-type communication link; analyzing the received data; transmitting the analyzed data from the side where the first user is located to the side where the second user is located on the basis of the second type communication link; and sending the analyzed data on the side where the second user is located to the second user through the first-type communication link.
Description
Technical Field
The present invention relates to the field of computers, and in particular, to an online heterogeneous communication method and system based on link blocking.
Background
At present, network security and data security are basically implemented by devices based on a firewall, a network isolation gatekeeper and the like on the network interconnection level to realize network information protective isolation, and the devices are actually deployed in a government affair internal network and a government affair external network; the intranet and the extranet platforms with different security levels, such as an enterprise intranet, an internet public network and the like, achieve information security protection between the intranet and the extranet of the information system, and further achieve network isolation and data isolation. The purpose of the equipment is to prevent the potential safety hazards caused by information confusion among different networks and random access among different departments, and particularly, the equipment is expected to block attack invasion from an external network through a firewall and a network isolation gateway which are deployed between the internal network and the external network. Such techniques and devices have found a great deal of use in the industry.
However, there are many drawbacks to finding the above techniques and devices in practical applications. In the case of a firewall, it generally performs online forwarding of IP packets while performing processing on the IP packets to achieve control over IP sessions, but it does not check the content of application data within the IP packets. The IP link on the network link layer of the working mode is not blocked, personal information and sensitive information are easy to leak, and the attack of viruses and hacker programs is difficult to prevent.
For the network isolation gatekeeper, the safe and manageable information exchange between networks is realized by the technology of blocking the IP link of the network link layer. The network isolation gatekeeper processes (supervises) the application layer data between networks while blocking the IP link of the network link layer, exchanges the application data by using an offline storage information ferrying method, and performs various safety checks on the application data while exchanging the data. The ferrying of offline storage and security check still have considerable defects in the problems of large data pressure and fluency of network security and data security.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides an online heterogeneous communication method and system based on link blocking.
In order to achieve the above object, the present invention provides an online heterogeneous communication method based on link blocking, which includes: receiving data sent by a first user based on a first-type communication link; analyzing the received data; transmitting the analyzed data from the side where the first user is located to the side where the second user is located on the basis of the second type communication link; and sending the analyzed data on the side where the second user is located to the second user through the first-type communication link.
According to an embodiment of the invention, the first type of communication link is an IP link and the second type of communication link is a physical layer based communication link.
According to an embodiment of the invention, the second type of communication link is a USB data transmission link or a data transmission link based on optical transmission.
According to an embodiment of the present invention, when the first user is a client of an external network and the second user is an internal network platform, the information representing the identity of the first user included in the data is authenticated after the received data is analyzed, and the service is authorized based on the authentication result.
According to one embodiment of the invention, when the identity of the first user is authenticated, the acquired information representing the identity of the first user is forwarded to one side where the second user is located on the basis of the second type communication link; and then transmitted to the second user through the first communication link for identity authentication and service authorization.
Correspondingly, the invention also provides an online heterogeneous communication system based on link blocking, which comprises a receiving module, an analysis module and an online information ferrying module. The receiving module receives data sent by the first user based on the first type communication link. The analysis module analyzes the received data. The online information ferrying module comprises a first data interface and a second data interface, the first data interface is positioned at one side where the first user is positioned, and the first data interface transmits the analyzed data from the side where the first user is positioned to one side where the second user is positioned on the basis of the second type communication link; the second data interface is positioned at one side of the second user, receives the analyzed data sent by the first data interface and sends the analyzed data to the second user through the first-type communication link.
According to an embodiment of the present invention, the first type of communication link is an IP link, and the second communication link used by the online information ferry module is a physical layer-based communication link.
According to an embodiment of the present invention, the online information ferrying module is a USB communication module, an SDH optical synchronous digital transmission module, or a WDM wavelength division multiplexing optical network transmission module.
According to an embodiment of the invention, when the first user is a client of an external network and the second user is an internal network platform, the online information ferrying module is in butt joint with a security supervision system in the second user, and the online information ferrying module forwards the first user information acquired by the receiving module to the security supervision system to realize identity authentication and service authorization of the first user.
In summary, in the online heterogeneous communication method and system based on link blocking provided by the present invention, the second type communication link is set to block the communication of the first type communication link between the first user and the second user, so as to implement isolation and blocking of security information isolation between networks with different security levels to ensure the security of data transmission. Furthermore, the second type communication link performs application data interaction in an online data ferrying mode, and the data transmission mode does not store and forward received data any more but directly performs online forwarding based on the second type communication network to realize online heterogeneous communication. The communication mode can provide large-flow real-time and reliable information interaction in the current cloud computing big data universal service era so as to meet the application requirement of big data transmission.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
Fig. 1 is a flowchart illustrating an online heterogeneous communication method based on link blocking according to an embodiment of the present invention.
Fig. 2 is a schematic diagram illustrating a deployment of the online heterogeneous communication method based on link blocking shown in fig. 1.
Fig. 3 is a schematic block diagram of an online heterogeneous communication system based on link blocking according to an embodiment of the present invention.
Fig. 4 is a diagram illustrating an application example of the online heterogeneous communication system based on link blocking shown in fig. 3.
Detailed Description
The existing network information protective isolation is mainly based on two types of devices, namely a firewall and a network isolation gatekeeper. Although the firewall has a certain protection capability, sensitive information is still easy to leak due to the connection of IP links between networks with different security levels. The network isolation gatekeeper realizes the blocking of links between networks with different security levels, and greatly improves the security; however, the data forwarding is realized by adopting an off-line storage mode, and the smoothness performance of data transmission is poor in the transmission mode, and particularly, the data forwarding is obvious under the transmission pressure of big data.
In view of this, the present embodiment provides an online heterogeneous communication method based on link blocking, which not only achieves link blocking between networks with different security levels, but also achieves smooth transmission of large data by using an online heterogeneous data transmission manner. As shown in fig. 1, the online heterogeneous communication method based on link blocking provided in this embodiment includes: receiving data transmitted by the first user based on the first-type communication link (step S10); parsing the received data (step S20); transmitting the parsed data from the side where the first user is located to the side where the second user is located based on the second type communication link (step S30); the parsed data located at the side of the second user is sent to the second user through the first type communication link (step S40).
In order to better understand the communication method provided by this embodiment, the online heterogeneous communication method based on link blocking provided by this embodiment will be described in detail below with reference to fig. 1 and fig. 2, where the first user is an external network client, the second user is an e-government network, and the first-type communication link is an IP link. However, based on the bidirectional data transmission, as shown in fig. 2, when the e-government network responds to the data service request sent by the extranet client, the first user is the e-government network, and the second user is the extranet client. This embodiment will be described by taking the communication between the extranet client and the e-government network as an example. However, the present invention is not limited thereto. In other embodiments, the method for online heterogeneous communication based on link blocking provided by the present invention can be applied to data isolation between two networks with different security levels. Such as data isolation between an extranet client and an enterprise security production network or an internal management network.
The link blocking-based online heterogeneous communication method provided by the embodiment aims to block network transmission between first-type communication links of the same type by adopting second-type communication links. Thus, the first type of communication link is not limited to only IP links, but can also be other types of data transmission links.
The online heterogeneous communication method based on link blocking provided by the present embodiment starts at step S10. As shown in fig. 2, before receiving a data service request sent by a first user, a handshake is established with an external network client based on an IP link, and after the handshake is successful, the data service request sent by the external network client in a WEB manner is received. After receiving the data service request, step S20 is executed to parse the received data service request, and obtain information representing the identity of the first user and specific content of the data service. Then, step S30 is executed to transmit the parsed data from the external network client side to the e-government affairs network side based on the second type communication link. After that, similarly, a handshake is established between the IP link and the e-government network, and after the handshake is successful, step S40 is executed, and the analyzed data service request is sent to the e-government network through the IP link.
In the online heterogeneous communication method based on link blocking provided by this embodiment, the second type of communication link blocks the IP link between the external network client and the e-government network, so that the toxicity data on the IP network can be completely blocked, thereby ensuring the security of a large amount of sensitive information in the e-government network. Furthermore, the second type of communication link is arranged in front of the extranet client and the e-government affair network, so that the network where the extranet client is located and the network in the e-government affair network cannot be affected at all, and the IP link layers of the router and the switch in the two networks are still smooth. As shown in fig. 2, an IP link can still be used for fast data transmission between multiple servers and a data sharing server in the e-government network.
In this embodiment, the second type of communication link is a physical layer-based communication link; preferably, it is a USB data transmission link. However, the present invention is not limited thereto. In other embodiments, the second type of communication link may also be an optical transmission-based data transmission link, such as an SDH optical synchronous digital transmission link, a WDM wavelength division multiplexing optical network transmission link, or the like. The USB data transmission link is a non-IP network, and an IP link does not exist, so that the isolation of the IP link between the external network client and the E-government network can be well realized. Furthermore, the USB data transmission link and the data transmission link based on optical transmission are on-line data forwarding transmission, compared with the traditional off-line storage ferry which is carried out by adopting optical discs and other modes, the USB data transmission link has high data transmission speed and good fluency, and can better meet the mass data exchange of a cloud computing large data platform. Specifically, the on-line heterogeneous communication method based on link blocking can be carried on SDH optical synchronous digital transmission (<10G), WDM wavelength division multiplexing optical network transmission (<40G), or even USB universal serial bus (<5G) according to the size of the interactive data volume, so as to adapt to various information transmission application service scenarios.
The online data ferrying based on the second type communication link is described below by taking a USB data transmission link as an example, first, the online information ferrying module opens software boolddeviceopen (hand & HANDLE, WORDwVID, wordwpid) through the interface software USB device; write data software BOOL DeviceWrite (HANDLEHandle, LPCVOID lpBuffer, DWORD dwSize); read data software BOOL DeviceRead (HANDLEHandle, LPVOID lpBuffer, DWORDdwSize); and (3) closing the USB device software void DeviceClose (HANDLE & HANDLE) to establish a non-IP information transmission link. However, the present invention is not limited thereto. The establishment process of the transmission link is different for different physical transmission modes.
In this embodiment, when the second-type communication link performs the interaction of the application data by using the online heterogeneous information forwarding method, the identity authentication is also performed on the application data, and the service is authorized based on the identity authentication result. However, the present invention is not limited thereto. In other embodiments, the second type of communication link may further perform security supervision such as access marking, hacking prevention, data filtering, routing check, and the like on the first user when forwarding the application data for interaction.
In this embodiment, the authentication and authorization of the first user identity is implemented over the e-government network. The second type communication link forwards the identity information which is obtained after analysis and used for representing the external network client to one side where the electronic government affair network is located; and then the information is transmitted into the E-government network through an IP communication link for identity authentication and service authorization. However, the present invention is not limited thereto. In other embodiments, the e-government network may also authorize the second type of communication link to authenticate the identity of the first user and authorize a service based on the result of the authentication.
Similarly, when the e-government affair network responds to the data service request of the external network client, the e-government affair network serves as a first user and sends information to the online information ferrying module based on the IP link, and the online information ferrying module sends the information to the side where the external network client is located based on the USB data transmission link. And then starting an IP link between the external network client and sending the data to the external network client to realize data interaction.
Correspondingly, the present embodiment further provides an online heterogeneous communication system based on link blocking, which includes a receiving module 1, an analyzing module 2, and at least one online information ferry module 3. The receiving module 1 receives data transmitted by the first user 10 over the communication link of the first type. The parsing module 2 parses the received data. The online information ferrying module 3 comprises a first data interface 31 and a second data interface 32, wherein the first data interface 31 is located at the side where the first user 10 is located, and the first data interface 31 transmits the analyzed data from the side where the first user 10 is located to the side where the second user 20 is located based on the second type communication link; the second data interface 32 is located at the side of the second user 20, and receives the parsed data sent by the first data interface 31 and sends the parsed data to the second user 20 through the first-type communication link.
In this embodiment, taking an extranet client and an e-government network as examples, when the extranet client sends a data service request to access the e-government network, the first user is the extranet client, and the second user is the e-government network. And when the E-government affair network responds to the data service request and sends data to the external network client, the first user is the E-government affair network, and the second user is the external network client. However, the present invention is not limited thereto. The online heterogeneous communication system based on link blocking is also suitable for network isolation of unidirectional data transmission. For example, an extranet client may send a request directly to the e-government network over an IP link. The information sent by the e-government network in response to the request is the on-line heterogeneous communication method based on link blocking provided by this embodiment, at this time, the first user is the e-government network, and the second user is the external network client.
In this embodiment, the first type communication link is an IP link, and the second communication link adopted by the online information ferry module 3 is a physical layer-based communication link. In this embodiment, the on-line heterogeneous communication system based on link blocking includes two on-line information ferry modules 3, one of which is a USB communication module, and the other is an SDH optical synchronous digital transmission module. The two online information ferry modules 3 have different data carrying capacities, and the SDH optical synchronous digital transmission module can carry data volume transmission in 10G; the USB communication module can carry data volume transmission in 5G, and different data volume carrying capabilities enable the online heterogeneous communication system based on link blocking provided in this embodiment to be adaptable to various scenarios of information transmission application services. However, the present invention is not limited thereto. In other embodiments, for higher data carrying requirements, a WDM optical network transmission module may also be used for data transmission. Alternatively, in other embodiments, two identical transmission modules may be simultaneously disposed in the online information ferry module, one dedicated and the other standby.
In this embodiment, when the first user 10 is a client of an external network and the second user 20 is an internal network platform, the online information ferrying module is connected to a security monitoring system in the second user 20, and the online information ferrying module 3 forwards the first user information acquired by the receiving module to the security monitoring system to implement identity authentication and service authorization of the first user. However, the present invention is not limited thereto. In other embodiments, based on the docking of the online information ferry module with the security monitoring system in the second user, the online information ferry module may further perform access trace and strict hacker evidence collection according to the data security requirements of the big data platform cloud server, and perform data cleaning and filtering according to the information security rules.
In the online heterogeneous communication method and system based on link blocking provided by this embodiment, the online information ferry module 3 based on the second type communication link blocks the IP link to ensure that the protected information is physically isolated, and only the information approved for transmission by system supervision can pass through. Furthermore, online migration of data between networks with different security levels is realized; compared with the traditional offline ferry adopting the modes of optical disks and the like, the online migration greatly improves the transmission speed and the transmission fluency.
In summary, in the online heterogeneous communication method and system based on link blocking provided by the present invention, the second type communication link is set to block the communication of the first type communication link between the first user and the second user, so as to implement isolation and blocking of security information isolation between networks with different security levels to ensure the security of data transmission. Furthermore, the second type communication link performs application data interaction in an online data ferrying mode, and the data transmission mode does not store and forward received data any more but directly performs online forwarding based on the second type communication network to realize online heterogeneous communication. The communication mode can provide large-flow real-time and reliable information interaction in the current cloud computing big data universal service era so as to meet the application requirement of big data transmission.
Although the present invention has been described with reference to the preferred embodiments, it should be understood that various changes and modifications can be made therein by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (9)
1. An online heterogeneous communication method based on link blocking is characterized by comprising the following steps:
receiving data sent by a first user based on a first-type communication link;
analyzing the received data;
transmitting the analyzed data from the side where the first user is located to the side where the second user is located on the basis of the second type communication link;
and sending the analyzed data on the side where the second user is located to the second user through the first-type communication link.
2. The method of claim 1, wherein the first type of communication link is an IP link and the second type of communication link is a physical layer based communication link.
3. The on-line heterogeneous communication method based on link blocking according to claim 2, wherein the second type communication link is a USB data transmission link or a data transmission link based on optical transmission.
4. The on-line heterogeneous communication method based on link blocking according to claim 1, wherein when the first user is a client of an external network and the second user is an internal network platform, the information representing the identity of the first user included in the data is authenticated after the received data is analyzed, and the service is authorized based on the authentication result.
5. The link blocking-based online heterogeneous communication method according to claim 4, wherein the obtained information characterizing the identity of the first user is forwarded to the side where the second user is located based on the second type communication link when the identity of the first user is authenticated; and then transmitted to the second user through the first communication link for identity authentication and service authorization.
6. An online heterogeneous communication system based on link blocking, comprising:
the receiving module is used for receiving data sent by a first user based on a first-class communication link;
the analysis module analyzes the received data;
the online information ferrying module comprises a first data interface and a second data interface, wherein the first data interface is positioned at one side where the first user is positioned, and the first data interface transmits the analyzed data from the side where the first user is positioned to the side where the second user is positioned on the basis of the second type communication link; the second data interface is positioned at one side of the second user, receives the analyzed data sent by the first data interface and sends the analyzed data to the second user through the first-type communication link.
7. The on-line heterogeneous communication system based on link blocking according to claim 6, wherein the first type of communication link is an IP link, and the second communication link adopted by the on-line information ferry module is a physical layer-based communication link.
8. The on-line heterogeneous communication system based on link blocking according to claim 7, wherein the on-line information ferry module is a USB communication module, an SDH optical synchronous digital transmission module, or a WDM wavelength division multiplexing optical network transmission module.
9. The on-line heterogeneous communication system based on link blocking according to claim 6, wherein when the first user is a client of an external network and the second user is an internal network platform, the on-line information ferrying module interfaces with a security supervision system in the second user, and the on-line information ferrying module forwards the first user information acquired by the receiving module to the security supervision system to implement identity authentication and service authorization of the first user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010122125.7A CN111371765A (en) | 2020-02-27 | 2020-02-27 | Online heterogeneous communication method and system based on link blocking |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010122125.7A CN111371765A (en) | 2020-02-27 | 2020-02-27 | Online heterogeneous communication method and system based on link blocking |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111371765A true CN111371765A (en) | 2020-07-03 |
Family
ID=71210129
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010122125.7A Pending CN111371765A (en) | 2020-02-27 | 2020-02-27 | Online heterogeneous communication method and system based on link blocking |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111371765A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114244822A (en) * | 2021-12-17 | 2022-03-25 | 八维通科技有限公司 | Message transmission system and transmission method based on communication protocol |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104901928A (en) * | 2014-03-07 | 2015-09-09 | 中国移动通信集团浙江有限公司 | Data interaction method, device and system |
CN106131067A (en) * | 2016-08-27 | 2016-11-16 | 山东万博科技股份有限公司 | A kind of data ferry device based on heterogeneous protocol passage and method |
US20170171220A1 (en) * | 2014-06-06 | 2017-06-15 | Bae Systems Plc | Secured network bridge |
CN106992987A (en) * | 2017-04-15 | 2017-07-28 | 北京科罗菲特科技有限公司 | A kind of information transmission equipment and method based on USB |
-
2020
- 2020-02-27 CN CN202010122125.7A patent/CN111371765A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104901928A (en) * | 2014-03-07 | 2015-09-09 | 中国移动通信集团浙江有限公司 | Data interaction method, device and system |
US20170171220A1 (en) * | 2014-06-06 | 2017-06-15 | Bae Systems Plc | Secured network bridge |
CN106131067A (en) * | 2016-08-27 | 2016-11-16 | 山东万博科技股份有限公司 | A kind of data ferry device based on heterogeneous protocol passage and method |
CN106992987A (en) * | 2017-04-15 | 2017-07-28 | 北京科罗菲特科技有限公司 | A kind of information transmission equipment and method based on USB |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114244822A (en) * | 2021-12-17 | 2022-03-25 | 八维通科技有限公司 | Message transmission system and transmission method based on communication protocol |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8904532B2 (en) | Method, apparatus and system for detecting botnet | |
CN104426837B (en) | The application layer message filtering method and device of FTP | |
US20050114663A1 (en) | Secure network access devices with data encryption | |
US20060224897A1 (en) | Access control service and control server | |
US20090113517A1 (en) | Security state aware firewall | |
CN101771702B (en) | Method and system for defending distributed denial of service attack in point-to-point network | |
CN104322001A (en) | Transport layer security traffic control using service name identification | |
US20090100259A1 (en) | Management network security framework and its information processing method | |
CN104270334A (en) | SSH (Secure Shell) network security access protocol monitoring method | |
US8543807B2 (en) | Method and apparatus for protecting application layer in computer network system | |
EP4105799A1 (en) | Method and system for preventing malicious automated attacks | |
CN110391988B (en) | Network flow control method, system and safety protection device | |
CN116055254A (en) | Safe and trusted gateway system, control method, medium, equipment and terminal | |
CN109245982B (en) | Internal and external network data real-time exchange system based on one-way light splitting and stateless end-to-end connection | |
Adjei et al. | SSL stripping technique (DHCP snooping and ARP spoofing inspection) | |
Pfrang et al. | Detecting and preventing replay attacks in industrial automation networks operated with profinet IO | |
CN114390049A (en) | Application data acquisition method and device | |
CN111371765A (en) | Online heterogeneous communication method and system based on link blocking | |
US20080235370A1 (en) | Method and System for Controlling Network Traffic of P2P and Instant Messenger Softwares | |
CN114268457A (en) | Multi-protocol multi-service public network security access method | |
CN110881023A (en) | Method for providing network differentiated security service based on SDN/NFV | |
CN101938428B (en) | Message transmission method and equipment | |
CN114124473B (en) | Port mirror image-based network access authentication system and authentication method | |
CN114465744A (en) | Safety access method and network firewall system | |
EP1879350A1 (en) | Distributed computer system with a local area network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200703 |
|
RJ01 | Rejection of invention patent application after publication |