CN112583810B - Zero trust method for context-based virtual network - Google Patents

Zero trust method for context-based virtual network Download PDF

Info

Publication number
CN112583810B
CN112583810B CN202011425497.3A CN202011425497A CN112583810B CN 112583810 B CN112583810 B CN 112583810B CN 202011425497 A CN202011425497 A CN 202011425497A CN 112583810 B CN112583810 B CN 112583810B
Authority
CN
China
Prior art keywords
resource
trust
user
level
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011425497.3A
Other languages
Chinese (zh)
Other versions
CN112583810A (en
Inventor
张微
郑超
卢文朋
王媛娣
黄园园
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jizhi Hainan Information Technology Co ltd
Original Assignee
Jizhi Hainan Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jizhi Hainan Information Technology Co ltd filed Critical Jizhi Hainan Information Technology Co ltd
Priority to CN202011425497.3A priority Critical patent/CN112583810B/en
Publication of CN112583810A publication Critical patent/CN112583810A/en
Application granted granted Critical
Publication of CN112583810B publication Critical patent/CN112583810B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention discloses a zero trust method of a virtual network based on context, which measures the trust degree of a main user and accessed resources in the zero trust virtual network according to context information accessed each time, accesses the resources in an implicit trust area when the trust degree measure value exceeds a preset threshold value, and otherwise, a system has the right to refuse the access of the resources of the user, and reduces the access trust measure value of the resources. The method provided by the invention has important significance in enterprise digital transformation application.

Description

Zero trust method for context-based virtual network
Technical Field
The invention belongs to the technical field of virtual networks, and particularly relates to a zero trust method of a virtual network based on context.
Background
With the gradual maturity and improvement of Virtualization standards, rapid deployment and flexible adjustment of networks become possible, and NFV (Network Function Virtualization) technology comes up. The NFV uses virtualization technology, and provides a new method for designing, deploying and managing network services. The main idea of NFV is to decouple the physical network device and the network functions running on it, meaning that 1 network function (e.g. a firewall) can be treated as 1 instance of ordinary software. This allows a large number of network devices to be incorporated into a high capacity server. For 1 given service, it can be decomposed into multiple Virtual Network Functions VNFs (Virtual Network Functions), which can be implemented in software and run on a general-purpose server, and can be conveniently deployed in different places of the Network without purchasing and installing new hardware.
The virtualization technology can realize efficient and flexible resource management, so that the method is widely applied to the cloud platform in an enterprise. While enterprises have not only multiple internal networks, but also remote offices, mobile users, and cloud services that connect local network infrastructure remotely. This complexity has surpassed traditional security methods based on network boundary protection because enterprises have no simple, easily identifiable network boundary. The traditional network security protection based on the boundary is gradually proved to be insufficient, the limitation is increasingly highlighted, once an attacker breaks through the boundary protection of the enterprise network, the attacker can further move transversely in the internal network to attack and destroy the network without being hindered and controlled.
The complexity of the network infrastructure promotes the innovation and development of network security principles and security models, and the Zero Trust (ZT) technology is in line with the development. The zero trust technology focuses on the protection of enterprise data resources, and gradually expands to the protection of all network resources such as enterprise equipment, infrastructure, users and the like. The zero trust security model assumes that an attacker may be present in the intranet, and the intranet infrastructure is vulnerable to attack damage and does not have higher trust level, as with other external networks, and faces the same security threat. In this case, the enterprise must constantly analyze and evaluate the security risks faced by its internal network and business functions, and increase the network security protection capability to reduce the risks. In zero trust, it is typically involved in minimizing access rights to web resources such as data, computing and applications, granting access only to those users and assets that must have access rights opened, and continuing to authenticate and grant the identity and security status of each access requester.
The Zero Trust System (ZTS) is an enterprise network security strategy established based on the Zero Trust principle, and aims to prevent internal data of an enterprise from being leaked and limit the transverse movement and attack damage of an internal attacker. According to the method, the context relationship of the user accessing the virtual network resources in the enterprise is utilized, for example, the user continuously accesses the resources without the authority for many times or the access region instantaneously drifts, even if the authorization of the user identity is correct, the user identity is considered to be untrusted by the method provided by the invention, and the user needs to authorize again according to a zero trust mechanism in the virtual network, so that the user can access the resources. The method provided by the invention eliminates potential internal network attacks according to the context logic of the user access resources, and has unusual significance in enterprise digital transformation surge.
Disclosure of Invention
Therefore, the embodiment of the invention provides a zero trust method and a zero trust system for a virtual network based on context, which are used for solving the problems in the prior art.
In order to achieve the above object, the embodiments of the present invention provide the following technical solutions:
the embodiment of the invention discloses a zero trust method of a virtual network based on context, which is characterized by comprising the following steps: carrying out trust measurement on a main user and an accessed resource in the zero trust virtual network according to context information accessed each time, and accessing the resource in an implicit trust area when the trust measurement value exceeds a preset threshold value, otherwise, the system has the right to refuse the resource access of the user and reduces the access trust measurement value;
constructing a zero trust strategy decision point and a strategy execution point in a virtual network control plane;
the strategy decision point grades all resources of the virtual network platform, and grades are graded according to the importance of data and an application system, and the resources with the same grade have similar trust;
calculating the confidence measure T of the resource access according to the historical information of the user accessing the zero trust network resource User (j,r);
And comparing the calculated trust degree metric value with a preset access threshold of the grade resource, if the calculated trust degree metric value is higher than the threshold limit value, the user can access the resource in the privacy trust zone, otherwise, the virtual network refuses the access, the access value is set to fail, and the trust degree parameter of the access of the grade corresponding to the user is updated. The higher the resource level, the higher the degree of protection, and a user with a high level of access right can access the low level resource downwards, which is considered to be a trustworthy access.
In a further improvement, a zero trust policy decision point and a policy execution point are constructed in a virtual network control plane, a zero trust policy is implemented at the policy decision point/the policy execution point, zero trust resources accessed by a user are isolated, the resources in the virtual network are divided into an untrusted area and a privacy trust area, and only the resources accessed by the user with the zero trust policy can access the resources in the implicit trust area.
In a further improvement, all accessed resources in the virtual network are graded in a strategy decision point, a resource grading method is carried out according to the importance degree of resources in a zero trust network or based on the boundary defined by the virtual network, the resource grade of an internet area is 1 grade, the resource grade of a business secret outer network is 2 grade, and the grade of the business secret inner network is 3 grade; or the resources are divided according to the confidentiality level of an enterprise, the non-confidential resources are divided into 1 level, the general confidentiality level is divided into 2 levels, the confidentiality level is divided into 3 levels, the confidentiality level is divided into 4 levels, the resource levels are divided into no quantity limitation, the management complexity and the access convenience are balanced according to the zero trust network management complexity, generally, the more resource division levels are, the more management is complex, the more investment cost is, and relatively speaking, the more secure the resources are.
In a further improvement, a confidence factor alpha is set for resources of different grades in the strategy decision module according to the safety requirement of the resources r,i When the user accesses the ith resource with the r level, the context trust degree is obtained every time the user successfully accesses the ith resource, and the sum of sigma is satisfied i α r,i =1, establish confidence measure T for each user accessing different levels of resources User (j, r), according to the convention of the zero trust network, the access range of the user to the resource is as small as possible, and context trust calculation is needed when different resources are accessed each time, wherein the calculation method comprises the following steps:
Figure GDA0003722451170000031
wherein N is r For user j, the number of resources H having access rights in the resource layer of rank r j,i The accumulated success rate when the ith resource is accessed for the user j;
Figure GDA0003722451170000041
N_suc j,i represents the number of successes, N _ total, of user j accessing the ith resource j,i Representing the total number of times when the user j accesses the ith resource;
β j,r the time attenuation factor of the resource with the level r of the zero trust system accessed by the user j is longer than the time interval of the resource with the level r successfully accessed last time, and beta is larger than the time interval of the resource with the level r successfully accessed last time j,r The smaller.
Of further improvement, beta j,r =1/T j,r Wherein T is j,r The time interval from the last successful access of the level r resource for user j.
Further improved, when the user has the access right to the high-level resource, after the user successfully accesses the high-level resource, the user subsequently accesses the low-level resource, the trust level of the user is increased, and the adjustment mode is as follows:
Figure GDA0003722451170000042
wherein R _ MAX j The resource access authority of the highest level of the user j is given, and the resource of the level is successfully accessed; r _ cur j,r The level of the resource currently accessed by user j.
Further improved, according to the zero trust minimum resource access rule, the context trust degree calculation is carried out on each resource accessed by the user, and the trust degree measurement value T of the user accessed at this time is obtained User (j, r) if the confidence measure T User (j, r) is higher than a preset threshold value Th r And if not, the zero-trust virtual machine network platform can refuse the access.
The embodiment of the invention has the following advantages:
the method carries out each time of resource access trust calculation based on the context relationship of the virtual network resource in the authorized user access enterprise, and if the calculation result is not in a trusted interval according to the context relationship, the user identity is considered to be untrusted even if the authorization of the user identity is correct; the resource can be accessed only if the calculation result falls in a credible interval or through manual authorization. The method provided by the invention eliminates potential internal network attacks according to the context logic of the user access resources, and has unusual significance in enterprise digital transformation surge.
Drawings
Fig. 1 is a schematic diagram of a zero-trust resource access processing flow based on a user context method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a zero trust model in a virtual network according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a zero trust method of a virtual network based on context, which carries out trust degree measurement on a main user and accessed resources in the zero trust virtual network according to context information accessed each time, and can access the resources in an implicit trust area when the trust degree measurement value exceeds a preset threshold value, otherwise, a system has the right to refuse the access of the resources of the user, and reduces the access trust degree measurement value, and the processing flow is shown in figure 1.
Policy Decision Point (Policy Decision Point)/Policy Enforcement Point (PDP/PEP): a zero trust strategy decision point and a strategy execution point are constructed in a virtual network control plane, zero trust resources accessed by a user are isolated through a zero trust strategy realized in a PDP/PEP, the resources in the virtual network are divided into an untrusted area and an implicit trust area, and only the resources in the implicit trust area can be accessed through the user resource access of the zero trust strategy. The working process of the zero trust policy decision point/policy enforcement point is shown in figure 2.
The method based on the context logic is more beneficial to the reduction of the trust level and the calculation complexity of the zero trust network, is safer, can successfully access the resource through the same terminal at the same place, is considered to be trustworthy access by the system, can improve the trust level if the terminal is continuously used for access at the same position next time, and is considered to be easier to trust based on the access of the context. If the level of access to a resource is lower than the highest level granted by the user, it may be directly considered trustworthy, provided that the user has a low level of access. The method based on the context can effectively reduce the potential risk of the system.
Grading all accessed resources in the virtual network in a strategy decision point (module), wherein the resource grading method is carried out according to the importance degree of resources in a zero trust network or based on the boundary defined by the virtual network, the resource grade of an internet area is grade 1, the resource grade of a business secret outer network is grade 2, the grade of the business secret inner network is grade 3 and the like; or the resources are divided according to the confidentiality level of the enterprise, the non-confidential resources are 1 level, the general confidentiality level is 2 level, the confidentiality level is 3 level, and the confidentiality level is 4 level. Preferably, there is no number of resource level division, and the management complexity and the access convenience are balanced according to the zero trust network, and generally, the more resource level division, the more complex the management, the more the investment cost, and relatively speaking, the more secure the resource. Preferably, the higher the resource level is, the higher the protection degree is, and a user with high-level access authority can downwards access the resource with low level and is considered to be trustworthy access.
In the policy decision module, resources of different grades are determined according to the resourcesSource security requirement, setting a confidence factor alpha r,i When the user accesses the ith resource with the r level, the context trust degree is obtained every time the user successfully accesses the ith resource, and the sum of sigma is satisfied i α r,i =1。
Establishing a trust metric value T for each user's access to a different level of resources User (j, r), according to the convention of the zero trust network, the access range of the user to the resource is as small as possible, and context trust calculation is needed when different resources are accessed each time, wherein the calculation method comprises the following steps:
Figure GDA0003722451170000061
wherein N is r For user j, the number of resources H having access rights in the resource layer of rank r j,i The accumulated success rate when the ith resource is accessed for the user j;
Figure GDA0003722451170000062
N_suc j,i represents the number of successes, N _ total, of user j accessing the ith resource j,i Representing the total number of times when the user j accesses the ith resource;
B j,r accessing a resource time decay factor with a zero trust system level of r for a user j, the longer the time from the last successful level of r to the resource, the beta j,r The smaller, preferably, β j,r =1/T j,r Wherein T is j,r Is the time interval from the last successful access of the resource at level r for user j.
Preferably, when the user has the access right to the high-level resource, after the user successfully accesses the high-level resource, and subsequently accesses the low-level resource, the trust level of the user is increased, and the adjustment mode is as follows:
Figure GDA0003722451170000071
wherein R _ MAX j The resource access authority of the highest level of the user j is given, and the resource of the level is successfully accessed; r _ cur j,r The level of resources currently accessed by user j.
According to the minimum resource access rule of zero trust, the context trust degree calculation is carried out on each resource accessed by the user to obtain the trust degree T of the user for the access User (j, r) if T User (j, r) is higher than a preset threshold value Th r And if not, the zero-trust virtual machine network platform can refuse the access.
The method provided by the invention can effectively prevent the transverse attack through the virtual network in the enterprise by constructing the context trust measurement method in the zero trust network environment by the user, thereby ensuring the resource safety in the virtual network environment. The method provided by the invention has important significance in enterprise digital transformation application.
And finally: the above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the present invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (5)

1. A zero trust method for a context-based virtual network is characterized by comprising the following steps: carrying out trust measurement on a main user and accessed resources in the zero trust virtual network according to context information accessed every time, and accessing the resources in an implicit trust area when the trust measurement value exceeds a preset threshold value, otherwise, the system has the right to refuse the resource access of the user and reduces the trust measurement value of the access;
constructing a zero trust strategy decision point and a strategy execution point in a virtual network control plane;
the strategy decision point grades all resources of the virtual network platform, and grades are graded according to the importance of data and an application system, and the resources with the same grade have similar trust;
calculating the confidence measure T of the resource access according to the historical information of the user accessing the zero trust network resource User (j, r), wherein: setting a confidence factor alpha for resources with different grades in the strategy decision point according to the safety requirement of the resources r,i When the user accesses the ith resource with the grade of ∑ and the context trust level is obtained every time the user successfully accesses the ith resource i α r,i =1, establishing a confidence measure T for each user accessing different levels of resources User (j, r), according to the convention of the zero trust network, the access range of the user to the resource is as small as possible, and context trust calculation is needed when different resources are accessed each time, wherein the calculation method comprises the following steps:
Figure FDA0003837877940000011
wherein N is r For the number of resources that user j has access rights in the resource layer of rank r,
H j,i the accumulated success rate when the ith resource is accessed for the user j;
Figure FDA0003837877940000012
N_suc j,i represents the number of successes, N _ total, of user j accessing the ith resource j,i Representing the total times of accessing the ith resource by the user j;
β j,r the time attenuation factor of the resource with the level r of the zero trust system accessed by the user j is longer than the time interval of the resource with the level r successfully accessed last time, and beta is larger than the time interval of the resource with the level r successfully accessed last time j,r The smaller;
and comparing the calculated trust degree metric value with an access threshold of a preset level resource, if the calculated trust degree metric value is higher than the threshold limit value, the user can access the resource in a privacy trust zone, otherwise, the virtual network refuses the access, the access value is set to fail, the higher the trust degree parameter resource level for updating the access of the corresponding level of the user is, the higher the protection degree is, the user with a high level access authority can access the low level resource downwards, and the user is considered to be access worthy of trust.
2. The zero trust method for the virtual network based on the context as claimed in claim 1, wherein the zero trust strategy decision point and the strategy execution point are constructed in the virtual network control plane, the zero trust resource accessed by the user is isolated by the zero trust strategy realized at the strategy decision point/the strategy execution point, the resource in the virtual network is divided into an untrusted area and a privacy trust area, and only the resource of the user with the zero trust strategy can access the resource in the implicit trust area.
3. The context-based virtual network zero-trust method of claim 1, wherein: grading all accessed resources in the virtual network in a strategy decision point, wherein the resource grading method is carried out according to the importance degree of resources in a zero trust network or based on the boundary defined by the virtual network, the resource grade of an internet area is grade 1, the resource grade of a commercial cipher outer network is grade 2, and the grade of a commercial cipher inner network is grade 3; or the resources are divided according to the confidentiality level of an enterprise, the non-confidential resources are divided into 1 level, the general confidentiality level is divided into 2 levels, the confidentiality level is divided into 3 levels, the confidentiality level is divided into 4 levels, the resource level division has no quantity limitation, the management complexity and the access convenience are balanced according to the zero trust network management complexity, and generally, the more resource division levels are, the more management is complex, the more investment cost is, and the more secure the resources are.
4. The context-based virtual network zero-trust method of claim 1, wherein: beta. Of j,r =1/T j,r Wherein T is j,r The time interval from the last successful access of the level r resource for user j.
5. The context-based virtual network zero-trust method of claims 1-4, wherein: when the user has the access right of the high-level resource, after the user successfully accesses the high-level resource, the trust degree of the user is increased when the user subsequently accesses the low-level resource, and the adjustment mode is as follows:
Figure FDA0003837877940000021
wherein R _ MAX j The resource access authority of the highest level of the user j is given, and the resource of the level is successfully accessed; r _ cur j,r The level of the resource currently accessed by user j.
CN202011425497.3A 2020-12-09 2020-12-09 Zero trust method for context-based virtual network Active CN112583810B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011425497.3A CN112583810B (en) 2020-12-09 2020-12-09 Zero trust method for context-based virtual network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011425497.3A CN112583810B (en) 2020-12-09 2020-12-09 Zero trust method for context-based virtual network

Publications (2)

Publication Number Publication Date
CN112583810A CN112583810A (en) 2021-03-30
CN112583810B true CN112583810B (en) 2022-11-25

Family

ID=75127798

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011425497.3A Active CN112583810B (en) 2020-12-09 2020-12-09 Zero trust method for context-based virtual network

Country Status (1)

Country Link
CN (1) CN112583810B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113507463A (en) * 2021-07-06 2021-10-15 中电积至(海南)信息技术有限公司 Construction method of zero trust network
CN113992444A (en) * 2021-12-28 2022-01-28 中孚安全技术有限公司 Network attack traceability and anti-system based on host computer defense
CN115967545B (en) * 2022-12-01 2024-02-06 上海物盾信息科技有限公司 Edge computing security protection method, system, electronic equipment and readable storage medium
CN115802357B (en) * 2023-02-08 2023-05-23 国网天津市电力公司电力科学研究院 5G distribution network feeder automation control method, device and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11070539B2 (en) * 2018-04-10 2021-07-20 ArecaBay, Inc. Network security dynamic access control and policy enforcement
CN109347807B (en) * 2018-09-20 2021-03-19 北京计算机技术及应用研究所 Trust-based differential intrusion prevention method
CN111953679A (en) * 2020-08-11 2020-11-17 中国人民解放军战略支援部队信息工程大学 Intranet user behavior measurement method and network access control method based on zero trust
CN112055029B (en) * 2020-09-16 2023-04-07 全球能源互联网研究院有限公司 User real-time trust degree evaluation method for zero-trust electric power Internet of things equipment

Also Published As

Publication number Publication date
CN112583810A (en) 2021-03-30

Similar Documents

Publication Publication Date Title
CN112583810B (en) Zero trust method for context-based virtual network
US20080148340A1 (en) Method and system for providing network enforced access control
CN111953679A (en) Intranet user behavior measurement method and network access control method based on zero trust
CN111917714B (en) Zero trust architecture system and use method thereof
US20070169204A1 (en) System and method for dynamic security access
CN112737824A (en) User trust measurement method in zero-trust SDN network
Shore et al. Zero trust: the what, how, why, and when
CN114553540B (en) Zero trust-based Internet of things system, data access method, device and medium
Krautsevich et al. Risk-aware usage decision making in highly dynamic systems
CN112115484B (en) Access control method, device, system and medium for application program
CN114003943B (en) Safe double-control management platform for computer room trusteeship management
US20230155817A1 (en) Managing secret values using a secrets manager
CN114338105B (en) Zero trust based system for creating fort
US20170346837A1 (en) Real-time security modification and control
JP5614500B2 (en) Consignment type authentication method
US9467448B2 (en) Consigning authentication method
CN112583586A (en) Network security information processing system
CN115802357A (en) 5G power distribution network feeder automation control method, device and storage medium
CN116208401A (en) Cloud master station access control method and device based on zero trust
Shi et al. Continuous trust evaluation of power equipment and users based on risk measurement
Phillips et al. Automated Knowledge-Based Cybersecurity Risk Assessment of Cyber-Physical Systems
Trad Entity Transformation Projects: Security Management Concept (SMC)
US20230069924A1 (en) Information Security
Bande et al. Designing Confidential Cloud Computing for Multi-Dimensional Threats and Safeguarding Data Security in a Robust Framework
CN115587374B (en) Dynamic access control method and control system based on trust value

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 571924 301, floor 3, building A09, Hainan Ecological Software Park, high tech industry demonstration zone, Laocheng, Hainan Province

Applicant after: Jizhi (Hainan) Information Technology Co.,Ltd.

Address before: 571924 301, Floor 3, Building A09, Hainan Ecological Software Park, Old Town High tech Industry Demonstration Zone, Chengmai County, Hainan Province

Applicant before: Zhongdian Jizhi (Hainan) Information Technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant