CN112333201A - Upper-layer application requests micro-service authentication optimization system through gateway - Google Patents

Upper-layer application requests micro-service authentication optimization system through gateway Download PDF

Info

Publication number
CN112333201A
CN112333201A CN202011307379.2A CN202011307379A CN112333201A CN 112333201 A CN112333201 A CN 112333201A CN 202011307379 A CN202011307379 A CN 202011307379A CN 112333201 A CN112333201 A CN 112333201A
Authority
CN
China
Prior art keywords
gateway
service
data
api
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011307379.2A
Other languages
Chinese (zh)
Inventor
王雷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Huanwang Technology Co Ltd
Original Assignee
Guangdong Huanwang Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Huanwang Technology Co Ltd filed Critical Guangdong Huanwang Technology Co Ltd
Priority to CN202011307379.2A priority Critical patent/CN112333201A/en
Publication of CN112333201A publication Critical patent/CN112333201A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a micro-service authentication optimization system requested by upper-layer application through a gateway, which comprises a client, the gateway and a micro-service; the gateway comprises a Nginx reverse proxy server, gateway management, API gateway authentication service and log collection service; the specific process of the client side for carrying out the bottom layer service request through the gateway is as follows: the method comprises the steps that a client requests a gateway authentication service through a Nginx reverse proxy server, an API gateway authentication service authenticates a request source, routing data and gateway DB data are inquired and fed back to the gateway authentication service in gateway management after the authentication is passed, and the API gateway authentication service requests a micro service through the Nginx reverse proxy server after receiving the data; the log collection service is used for collecting logs after authentication, storing the log collection and carrying out data statistics. The invention supports simple, rapid and safe completion of API construction, management and release, opens the service capability of the application with high efficiency, reduces the calling cost and makes the authentication mode more convenient.

Description

Upper-layer application requests micro-service authentication optimization system through gateway
Technical Field
The invention belongs to the technical field of gateways, and particularly relates to a micro-service authentication optimization system requested by an upper layer application through a gateway.
Background
At present, when an upper application (APP, SAAS system or WEB product) requests a bottom layer service, forwarding is usually performed through a gateway (micro services will be registered on the gateway and forwarded by an operator through the gateway), and the gateway will perform traffic, authentication and safety check to protect the bottom layer micro services.
In the related art, the mainstream technical implementation method mainly adopts TOKEN authentication and APP authentication, but the above methods have the following problems:
1) the internal use of the company or the cooperation company requests through the gateway, and when the authentication mode is adopted, the calling cost is higher;
2) the upper layer application is required to support two authentication modes, which is inconvenient.
Disclosure of Invention
In view of this, the present invention provides a system for optimizing authentication of micro-services requested by an upper layer application through a gateway, so as to solve the problems of high cost and inconvenience in invoking a gateway request authentication method in the prior art.
In order to achieve the purpose, the invention adopts the following technical scheme: an upper layer application requests a micro-service authentication optimization system through a gateway, comprising: client, gateway and microservice; the client side carries out a micro-service request through the gateway;
the gateway includes: a Nginx reverse proxy server, gateway management, API gateway authentication service and log collection service;
the specific process of the client side for carrying out the bottom layer service request through the gateway is as follows:
the client requests a gateway authentication service through a Nginx reverse proxy server, the API gateway authentication service authenticates the request source, inquires routing data and gateway DB data in gateway management and feeds back the routing data and the gateway DB data to the gateway authentication service after the authentication is passed, and the API gateway authentication service requests a micro service through the Nginx reverse proxy server after receiving the data;
the log collection service is used for collecting logs after authentication, storing the log collection and carrying out data statistics.
Further, the gateway management includes: API gateway management system, Redis and mongoDB;
the API gateway management system is used for authenticating the request source and sending the authenticated data to Redis and mongoDB;
the mongoDB is used for storing routing data and gateway DB data and synchronizing cache data in the Redis at regular time;
the Redis is used for caching the routing data and the gateway DB data and sending the routing data and the gateway DB data to the API gateway authentication service.
Further, the gateway authentication service authenticates the request source, including:
the API gateway authentication service performs IP access control, flow control strategy and signature key on a request source.
Further, the IP access control is set in the API gateway management system
White list management, which is used for setting a white list, wherein the white list is used for setting IP to allow a gateway request;
and the blacklist management is used for setting a blacklist, and the blacklist is used for rejecting the gateway request.
Further, the white list setting process includes:
adding a white list name;
a white list IP is set.
Further, the white list IP is:
domain name + path + english id.
Further, the log collection service includes:
the Logstash is used for collecting original data;
and the Elasticissearch is used for cleaning the original data and storing the cleaned data.
Further, the raw data includes:
the operation log data is used for carrying out positioning tracking query on the use condition of the user;
and calling log data for use in an API calling process of the system API gateway authentication service, which has problems and tracking management of any API calling process.
Further, the gateway further includes:
the login module is used for registering a user with personal identity information and logging in the gateway;
the personal identity information comprises an identity card number, a mobile phone number and a name.
Further, the gateway further includes:
and the alarm module is used for alarming when the gateway flow fails.
By adopting the technical scheme, the invention can achieve the following beneficial effects:
the invention provides a micro-service authentication optimization system requested by upper-layer application through a gateway, which supports simple, rapid and safe completion of API construction, management and release, efficiently opens the service capability of application, reduces the calling cost and is more convenient for an authentication mode. In addition, the method and the device can perform more accurate API management and control, namely, an IP white list/black list is set to allow/reject the API request of a certain source. And the access frequency of the flow control API, the request frequency of the APP and the request frequency of the user can be set.
The invention can support the application requesting encryption and authorization to access the corresponding API, and the single application limits the API access, IP white list and black list access control strategy mechanism, flow control, accurate control of access API flow and prevention of malicious attack.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a system for requesting microservice authentication optimization by an upper layer application through a gateway according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be described in detail below. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the examples given herein without any inventive step, are within the scope of the present invention.
A specific upper-layer application request microservice authentication optimization system provided in the embodiment of the present application through a gateway is described below with reference to the accompanying drawings.
As shown in fig. 1, the upper layer application provided in this embodiment requests a micro-service authentication optimization system through a gateway, including: client, gateway and microservice; the client side carries out a micro-service request through the gateway;
the gateway includes: a Nginx reverse proxy server, gateway management, API gateway authentication service and log collection service;
the specific process of the client side for carrying out the bottom layer service request through the gateway is as follows:
the client requests a gateway authentication service through a Nginx reverse proxy server, the API gateway authentication service authenticates the request source, inquires routing data and gateway DB data in gateway management and feeds back the routing data and the gateway DB data to the gateway authentication service after the authentication is passed, and the API gateway authentication service requests a micro service through the Nginx reverse proxy server after receiving the data;
the log collection service is used for collecting logs after authentication, storing the log collection and carrying out data statistics.
The working principle of the upper layer application requesting the micro-service authentication optimization system through the gateway is as follows: the client requests the microservice through the gateway. The client requests gateway authentication service through the Nginx reverse proxy server, the API gateway authentication service authenticates the source of the request, after the authentication is passed, routing data and gateway DB data are inquired in gateway management and fed back to the gateway authentication service, and after the API gateway authentication service receives the data, micro service is requested through the Nginx reverse proxy server.
The method and the device can help collaborators to quickly build a product framework, and maximize the utilization rate of the capacity. The ONAIR API GateWay will provide full lifecycle management including creation, maintenance, release, offline, etc. The API Gateway can be used for packaging self service, and safely and reliably opening data, service logic or functions so as to realize self system integration and service connection with a partner.
In some embodiments, the gateway management comprises: API gateway management system, Redis and mongoDB;
the API gateway management system is used for authenticating the request source and sending the authenticated data to Redis and mongoDB;
the mongoDB is used for storing routing data and gateway DB data and synchronizing cache data in the Redis at regular time;
the Redis is used for caching the routing data and the gateway DB data and sending the routing data and the gateway DB data to the API gateway authentication service.
It can be understood that the direct request of the mongoDB database can bring pressure to the database, data can exist in a redis (cache), and the mongoDB database regularly synchronizes the data to the redis, so that when data transmission is carried out, the data is only taken from the redis cache and fed back to the API gateway authentication service, the data acquisition efficiency is high, and the request is fast.
Preferably, the authenticating the request source by the gateway authentication service includes:
the API gateway authentication service performs IP access control, flow control strategy and signature key on a request source.
Preferably, the IP access control is set in the API gateway management system
White list management, which is used for setting a white list, wherein the white list is used for setting IP to allow a gateway request;
and the blacklist management is used for setting a blacklist, and the blacklist is used for rejecting the gateway request.
Wherein the IP access control is used for configuring an IP white list/black list of the API to allow/reject an API request of a certain source; the flow control strategy is used for configuring flow control values of an API and an application object, the unit can be minutes, hours and days, the limitation can be carried out on the times of requests according to the day, the hour and the minute, when the flow exceeds a threshold value, a new request can be intercepted by a gateway, and the normal operation of a back-end service is ensured; the signature secret key is used for verifying the identity of the API gateway by the back-end service, and the safety of the back-end service is guaranteed when the API gateway requests the back-end service.
Specifically, the IP access control and the API are independently managed (plug-in), the IP access control is one of API safety protection components provided by the API gateway, and after the IP access control and the API are bound, an IP access control strategy can act on the bound API to provide functions of IP access control list management, access control creation, editing, deletion, strategy item addition and the like; the supported IP white list allows the API request of a certain source, and the supported IP black list rejects the API request of a certain source. The method supports direct setting of IP addition strategy items, supports regular expression addition strategy items, and supports one-to-many binding of a white list/a black list and an API.
The flow control strategy and the API are independently managed (are pluged), after the flow control strategy and the API are bound, the flow control strategy can only act on the bound API to provide functions of flow strategy list management, strategy creation, editing, deleting and the like, the called times of the API supporting the setting and binding in unit time cannot exceed a set value, and the called times of any API supporting the setting and binding in unit time cannot exceed the set value. And a special APP is added under the support of the flow control strategy, and one-to-many binding of the flow control strategy and the API is supported. The flow control policy may be used to regulate the frequency of access of the API, the frequency of requests of the APP, and the frequency of requests of the user
The safety key and the API are independently managed (plug-in), the signature key is used for verifying the identity of the API gateway by the back-end service, and when the API gateway requests the back-end service, the safety of the back-end service is guaranteed. After the operation and the binding, the security key can act on the bound API, the functions of security list management, policy creation, editing, deletion and the like are supported, the verification of gateway signature verification by a back end is supported, and the encryption storage of the key is supported to ensure the security of the key.
Preferably, the white list setting process includes:
adding a white list name;
a white list IP is set.
The white list IP is: domain name + path + english id.
Specifically, a white list policy is added in white list management on a gateway, policy rules are set, and setting of an application white list is supported, namely, other contents do not need to be checked in current application access, and only a domain name + a path + an English identification need to be checked; an IP white list may also be set, that is, other content is not required to be checked for current IP access, and only the domain name + path + english id is required to be checked. In the prior art, time stamps, random numbers and the like need to be checked, which is troublesome.
By setting a white list, the application adds a non-authentication mode, so that the invention supports 3 authentication and authorization: APP authentication, TOKEN authentication, no authentication (pass).
In some embodiments, the log collection service comprises:
the Logstash is used for collecting original data;
and the Elasticissearch is used for cleaning the original data and storing the cleaned data.
The Elasticissearch cleans the original data in the Logstash, and removes redundant data and unclear data in the original data.
Wherein the raw data comprises:
the operation log data is used for carrying out positioning tracking query on the use condition of the user;
and calling log data for use in an API calling process of the system API gateway authentication service, which has problems and tracking management of any API calling process.
Preferably, the gateway further comprises:
the login module is used for registering a user with personal identity information and logging in the gateway;
the personal identity information comprises an identity card number, a mobile phone number and a name.
And the browser inputs a gateway URL address, displays a system login page, and displays different menu operation authorities after different user roles log in. After logging in, the system needs to obtain the information of the user name, the role, the tenant and the authority (user control system function menu) of the logged-in user information. When logging in, the background database checks whether the 'user name/password' is correct (user name/password is correct), if so, the following processing is continued, and if not, the operation is terminated by returning a prompt message 'user name or password is wrong'. After logging in, the user acquires the following information: role, tenant, authority information; and then enters the system.
Preferably, the gateway further comprises:
and the alarm module is used for alarming when the gateway flow fails.
The application sets an alarm rule and an alarm prompt, so that the user can manage the API conveniently.
In summary, the present invention provides a micro-service authentication optimization system requested by an upper layer application through a gateway, and the present invention encapsulates the self-service capability into an API, and opens the capability, service, and data in the form of API to a user for calling through the API gateway. The gateway only performs routing and authentication, IP, flow and other control, the front-end Path and API parameters are self-defined by an API provider, and an API caller checks and calls the uploaded document according to the API provider when calling. All requests of the client pass through the API gateway firstly, then the requests are routed to proper micro-services by the API gateway, the API is simply, quickly and safely constructed, managed and issued, the service capability of the application is efficiently opened, the calling cost is reduced, and the authentication mode is more convenient.
It is to be understood that the system embodiments provided above correspond to the apparatus embodiments described above, and the corresponding specific contents may be referred to each other, which is not described herein again.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of systems, devices (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction system which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (10)

1. An upper layer application requests a micro-service authentication optimization system through a gateway, comprising: client, gateway and microservice; the client side carries out a micro-service request through the gateway;
the gateway includes: a Nginx reverse proxy server, gateway management, API gateway authentication service and log collection service;
the specific process of the client side for carrying out the bottom layer service request through the gateway is as follows:
the client requests a gateway authentication service through a Nginx reverse proxy server, the API gateway authentication service authenticates the request source, inquires routing data and gateway DB data in gateway management and feeds back the routing data and the gateway DB data to the gateway authentication service after the authentication is passed, and the API gateway authentication service requests a micro service through the Nginx reverse proxy server after receiving the data;
the log collection service is used for collecting logs after authentication, storing the log collection and carrying out data statistics.
2. The system of claim 1, wherein the gateway management comprises: API gateway management system, Redis and mongoDB;
the API gateway management system is used for authenticating the request source and sending the authenticated data to Redis and mongoDB;
the mongoDB is used for storing routing data and gateway DB data and synchronizing cache data in the Redis at regular time;
the Redis is used for caching the routing data and the gateway DB data and sending the routing data and the gateway DB data to the API gateway authentication service.
3. The system of claim 1, wherein the gateway authentication service authenticates the source of the request, comprising:
the API gateway authentication service performs IP access control, flow control strategy and signature key on a request source.
4. The system of claim 3, wherein the IP access control is set in the API gateway management system
White list management, which is used for setting a white list, wherein the white list is used for setting IP to allow a gateway request;
and the blacklist management is used for setting a blacklist, and the blacklist is used for rejecting the gateway request.
5. The system of claim 4, wherein the white list is set by:
adding a white list name;
a white list IP is set.
6. The system of claim 5, wherein the white list IP is:
domain name + path + english id.
7. The system of claim 1, wherein the log collection service comprises:
the Logstash is used for collecting original data;
and the Elasticissearch is used for cleaning the original data and storing the cleaned data.
8. The system of claim 7, wherein the raw data comprises:
the operation log data is used for carrying out positioning tracking query on the use condition of the user;
and calling log data for use in an API calling process of the system API gateway authentication service, which has problems and tracking management of any API calling process.
9. The system of claim 1, wherein the gateway further comprises:
the login module is used for registering a user with personal identity information and logging in the gateway;
the personal identity information comprises an identity card number, a mobile phone number and a name.
10. The system of any one of claims 1 to 9, wherein the gateway further comprises:
and the alarm module is used for alarming when the gateway flow fails.
CN202011307379.2A 2020-11-20 2020-11-20 Upper-layer application requests micro-service authentication optimization system through gateway Pending CN112333201A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011307379.2A CN112333201A (en) 2020-11-20 2020-11-20 Upper-layer application requests micro-service authentication optimization system through gateway

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011307379.2A CN112333201A (en) 2020-11-20 2020-11-20 Upper-layer application requests micro-service authentication optimization system through gateway

Publications (1)

Publication Number Publication Date
CN112333201A true CN112333201A (en) 2021-02-05

Family

ID=74321373

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011307379.2A Pending CN112333201A (en) 2020-11-20 2020-11-20 Upper-layer application requests micro-service authentication optimization system through gateway

Country Status (1)

Country Link
CN (1) CN112333201A (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113572779A (en) * 2021-07-28 2021-10-29 重庆允成互联网科技有限公司 Gateway authentication system, method, computer equipment and storage medium
CN113595788A (en) * 2021-07-28 2021-11-02 上海华兴数字科技有限公司 API gateway management method and device based on plug-in
CN114124408A (en) * 2021-11-26 2022-03-01 浪潮云信息技术股份公司 Method and system for realizing back-end signature of API gateway
CN114117401A (en) * 2022-01-22 2022-03-01 深圳竹云科技股份有限公司 API (application program interface) secure calling method, device, equipment and computer storage medium
CN114338762A (en) * 2021-12-15 2022-04-12 江苏银承网络科技股份有限公司 Same city data open system, method, electronic equipment and storage medium
CN114466076A (en) * 2022-01-18 2022-05-10 上海数据交易中心有限公司 API gateway architecture applied in general financial business scene and use method
CN114827246A (en) * 2022-03-18 2022-07-29 中国人寿保险股份有限公司 Gateway flow control method and device, electronic equipment and storage medium
CN114826725A (en) * 2022-04-20 2022-07-29 微位(深圳)网络科技有限公司 Data interaction method, device, equipment and storage medium
CN114915435A (en) * 2021-02-09 2022-08-16 网联清算有限公司 Service data access method and system
CN115118705A (en) * 2022-06-28 2022-09-27 重庆大学 Industrial edge management and control platform based on micro-service
CN115134134A (en) * 2022-06-23 2022-09-30 中国民航信息网络股份有限公司 Information processing method, device and equipment
CN115250195A (en) * 2022-03-14 2022-10-28 上海广升信息技术股份有限公司 Agent layer-based MQ connection expansion method and application thereof

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109327477A (en) * 2018-12-06 2019-02-12 泰康保险集团股份有限公司 Authentication method, device and storage medium
CN109672612A (en) * 2018-12-13 2019-04-23 中国电子科技集团公司电子科学研究院 API gateway system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109327477A (en) * 2018-12-06 2019-02-12 泰康保险集团股份有限公司 Authentication method, device and storage medium
CN109672612A (en) * 2018-12-13 2019-04-23 中国电子科技集团公司电子科学研究院 API gateway system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
温馨等: "基于OpenResty平台的API网关系统的设计与实现", 《信息化研究》 *

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114915435A (en) * 2021-02-09 2022-08-16 网联清算有限公司 Service data access method and system
CN114915435B (en) * 2021-02-09 2024-03-19 网联清算有限公司 Service data access method and system
CN113595788A (en) * 2021-07-28 2021-11-02 上海华兴数字科技有限公司 API gateway management method and device based on plug-in
CN113595788B (en) * 2021-07-28 2024-05-28 上海华兴数字科技有限公司 API gateway management method and device based on plug-in
CN113572779A (en) * 2021-07-28 2021-10-29 重庆允成互联网科技有限公司 Gateway authentication system, method, computer equipment and storage medium
CN114124408A (en) * 2021-11-26 2022-03-01 浪潮云信息技术股份公司 Method and system for realizing back-end signature of API gateway
CN114338762A (en) * 2021-12-15 2022-04-12 江苏银承网络科技股份有限公司 Same city data open system, method, electronic equipment and storage medium
CN114466076A (en) * 2022-01-18 2022-05-10 上海数据交易中心有限公司 API gateway architecture applied in general financial business scene and use method
CN114117401A (en) * 2022-01-22 2022-03-01 深圳竹云科技股份有限公司 API (application program interface) secure calling method, device, equipment and computer storage medium
CN115250195A (en) * 2022-03-14 2022-10-28 上海广升信息技术股份有限公司 Agent layer-based MQ connection expansion method and application thereof
CN114827246A (en) * 2022-03-18 2022-07-29 中国人寿保险股份有限公司 Gateway flow control method and device, electronic equipment and storage medium
CN114827246B (en) * 2022-03-18 2024-08-06 中国人寿保险股份有限公司 Gateway flow control method and device, electronic equipment and storage medium
CN114826725A (en) * 2022-04-20 2022-07-29 微位(深圳)网络科技有限公司 Data interaction method, device, equipment and storage medium
CN114826725B (en) * 2022-04-20 2024-04-16 微位(深圳)网络科技有限公司 Data interaction method, device, equipment and storage medium
CN115134134A (en) * 2022-06-23 2022-09-30 中国民航信息网络股份有限公司 Information processing method, device and equipment
CN115118705A (en) * 2022-06-28 2022-09-27 重庆大学 Industrial edge management and control platform based on micro-service
CN115118705B (en) * 2022-06-28 2024-03-15 重庆大学 Industrial edge management and control platform based on micro-service

Similar Documents

Publication Publication Date Title
CN112333201A (en) Upper-layer application requests micro-service authentication optimization system through gateway
US11818274B1 (en) Systems and methods for trusted path secure communication
CN108989346B (en) Third-party valid identity escrow agile authentication access method based on account hiding
JP6514218B2 (en) Client authentication using social data
US20190140844A1 (en) Identity-linked authentication through a user certificate system
CA2744971C (en) Secure transaction authentication
CN101873331B (en) Safety authentication method and system
KR102119449B1 (en) Aggregation open api platform system, method for prividing financial services using the same and computer program for the same
WO2019109097A1 (en) Identity verification document request handling utilizing a user certificate system and user identity document repository
EP3375135A1 (en) Methods and systems for pki-based authentication
CN110572395B (en) Identity verification method and system
CN111131301A (en) Unified authentication and authorization scheme
CN112149105A (en) Data processing system, method, related device and storage medium
CN102546664A (en) User and authority management method and system for distributed file system
CN103297437A (en) Safety server access method for mobile intelligent terminal
CN100514333C (en) Data base safety access method and system
CN108632241B (en) Unified login method and device for multiple application systems
CN107426223B (en) Cloud document encryption and decryption method, cloud document encryption and decryption device and cloud document processing system
JP2017152880A (en) Authentication system, key processing coordination method, and key processing coordination program
US20190288833A1 (en) System and Method for Securing Private Keys Behind a Biometric Authentication Gateway
CN114462059A (en) Table field level encryption and security access control method and system
CN113225351A (en) Request processing method and device, storage medium and electronic equipment
US20140250499A1 (en) Password based security method, systems and devices
CN111814186B (en) Menu authority access control method of intelligent equipment operation platform
CN116756776A (en) Access control method and device, desktop operating system login platform and processor

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210205

RJ01 Rejection of invention patent application after publication