CN112910657A - Cloud security token early warning system - Google Patents
Cloud security token early warning system Download PDFInfo
- Publication number
- CN112910657A CN112910657A CN202110133780.7A CN202110133780A CN112910657A CN 112910657 A CN112910657 A CN 112910657A CN 202110133780 A CN202110133780 A CN 202110133780A CN 112910657 A CN112910657 A CN 112910657A
- Authority
- CN
- China
- Prior art keywords
- module
- security
- cloud
- data
- cloud security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Abstract
The invention discloses a cloud security token early warning system, which is externally connected with a user and a service system and comprises a cloud security token control module, a security token module, a cloud security diagnosis module, a cloud security management module and a cloud early warning management module. The invention has low hardware cost, safety monitoring of the whole life cycle and timely early warning function of abnormal data. The system adopts a dual-channel and three-layer structure, can comprehensively protect users and service systems, and adopts systematic and multi-thread data index management for data which is in large quantity and is dispersedly managed in a plurality of hard disks, a plurality of databases and a plurality of data tables. The method comprises the following steps of (1) performing multithread management technology according to performance optimization and data loading of a server CPU, a hard disk, a network and an index set; by adopting a data monitoring synchronization technology and taking multithreading data loading protection measures around, data errors caused by communication, error reporting and sequencing sequence dislocation are avoided, and data reading is accelerated while data correctness is guaranteed.
Description
Technical Field
The invention relates to the technical field of data security, in particular to a cloud security token early warning system.
Background
With the progress of technology, the information system and the APP are more and more widely used, so that the information of the service system has a great interest relationship, and the information system uses a public network as a connection environment in use. Data communication and user requests in the public network can be acquired and illegally used by illegal means such as interception, tampering and embezzlement by illegal persons.
In the prior art, some users or enterprises with high system security requirements generally use heavy entity security modules. The method has the problems of higher use cost, hardware compatibility and the like. Some users adopt a software encryption mode for security protection, but the users have the risks of being cracked, the learning cost of the users is high, and the like.
For example, the UKEY security technology in the prior art is to protect the security verification of the client, and has a disadvantage that after the client is verified, the real-time security check is not performed any more after the connection with the system is established. For example, in the prior art, a security technology for encrypting a user account password login by using software exists, which only encrypts request data, ignores security verification of a user connection establishment process, and invalidates encryption if the user account is directly used for login. And once the connection is established, the data is not encrypted any more, and the method for preventing the data from being cracked cannot be adopted, so that the process monitoring is not available, and the abnormal data early warning is lacked. In addition, some encryption methods in the prior art cannot detect the security of a user, namely the Internet and a server, and only avoid the problem that the login is circularly cracked by a machine.
There is a great need in the market for a security system that can monitor the entire process of a user communicating with a service server via the internet and that has the capability to act as an administrator to issue an alert notification once an anomaly is detected.
Disclosure of Invention
The invention aims to provide a cloud security token early warning system which is low in hardware cost, has the safety monitoring function of a full life cycle, and has the function of timely early warning abnormal data.
In order to achieve the purpose, the invention provides the following technical scheme: a cloud security token early warning system is externally connected with a user and a service system, and comprises:
the cloud security token control module is used for connecting the service system to be loaded, carrying out security check on the user to be loaded and the service system, diagnosing whether the security token module is started or not, and sending a security token module starting notice to the user if the security token module is not started;
the security token module is used for packaging the security code at the user side, encrypting and packaging the security code and sending the security code to the cloud security management module;
the cloud security diagnosis module is used for acquiring a request of a user for the service system and carrying out security check; classifying the request data, encrypting and packaging the security codes, and sending the security codes to a cloud security management module;
the cloud security management module is used for receiving security token data from the client and cloud security diagnosis data from the system server, and sending the abnormal data and the acquired service system data to the cloud early warning management module;
and the cloud early warning management module is used for receiving and storing abnormal data information from the cloud security management module and sending early warning notification to a corresponding administrator according to the classification and the type of the instruction of the cloud security management module.
Preferably, the cloud security token control module comprises a cloud security token configuration module, a cloud security token transit module, a security token module starting module, a cloud security token marking module and a cloud security diagnosis module starting module; the cloud security token configuration module is used for connecting the service system by configuring an IP address of the service system, a port number of the service system, a service feature code and a security code of the service system; the cloud security token transfer module carries out security detection and transfer on a request from a user to a service system according to the IP address of the service system, the port number of the service system and the service feature code; the security token module starting module is used for detecting whether the user client starts the security token module or not, and if not, the client is informed to start the security token module; the cloud security token marking module is used for carrying out service system security code identification on the transferred user request to ensure the use of user service functions; the cloud security diagnosis module starting module is used for judging whether the cloud security diagnosis module is started or not, and if not, informing the client to start the security token module.
Preferably, the service system IP address and the service system port number are used to identify a protection system to be pre-warned; the service feature code is a service system server and a user request identifier and is used for carrying out security check; the service system security code is a binding identifier of the cloud security token early warning system and the service system, and is periodically replaced and encrypted according to the security level.
Preferably, the security token module comprises a security token encapsulation module, a security token thread interception module, a security token closing command module, a security token data module, and a security token information module; the security token encapsulation module is used for encapsulating the service system IP address, the service system port number, the service feature code, the service system security code and the user unique identifier by using a security code encryption algorithm and storing the security token encapsulation module in the client security token module; the safety token thread module is used for keeping the safety of the client service system in the whole application process when a user uses the service system or a client of the service system is disconnected with a server of the service system, and periodically sending safety information to the cloud safety management module; the safety token closing command module is used for detecting a service system closing command and a user quitting/closing command, closing a client safety token after receiving the corresponding command, and cancelling safety token encapsulation data; the safety token thread monitoring module is used for monitoring the safety token thread, restarting the safety token thread when the thread is wrong or interrupted, and reestablishing the connection between the client safety token and the cloud safety management module; the security token data module comprises a client public network IP, a local network IP, a network card mac address and media data; and the security token information module is used for encrypting and packaging the security token data module by adopting the latest security code and sending the security token data module to the cloud security management module.
Preferably, the cloud security diagnosis module comprises a cloud security diagnosis interception module, a cloud security diagnosis data module and a cloud security diagnosis information module; the cloud security diagnosis interception module is used for acquiring a request of a user for a service system in the cloud security token transit module, performing security check, and segmenting request data into first-class interception and second-class interception according to service feature codes; the cloud security diagnosis data module is used for packaging the public network IP, the local network IP and the network card mac address of the request; the cloud security diagnosis information module is used for encrypting and packaging the latest security codes and sending the latest security codes to the cloud security management module.
Preferably, the interception is a user request that a user has not established communication with the service system; the second type interception is a user request for establishing and maintaining communication between a user and a service system; and the first-class interception or the second-class interception acquires the public network IP, the local network IP and the network card mac address in the user request according to different scenes.
Preferably, the first-class interception or the second-class interception further obtains media data in the user request according to different scenes; the cloud security diagnostic data module also packages media data.
Preferably, the cloud security management module comprises a cloud security token information receiving module, a cloud security diagnosis information receiving module, a cloud security level configuration module, a cloud security data comparison and analysis module and a cloud early warning starting module; the cloud security token information receiving module and the cloud security diagnosis information receiving module respectively receive security token data from a client and cloud security diagnosis data from a system server; the cloud security level configuration module is used for configuring security comparison, period and class I/II detection levels according to the requirements of the business system; the cloud security data comparison analysis is used for carrying out cloud security check on public network IP (Internet protocol), local area network IP and network card mac addresses which do not establish communication, establish communication and maintain communication according to grade division; the cloud early warning starting module is used for sending the compared abnormal data, the obtained service system IP address, the service system port number, the obtained service feature code, the unique user identification, the current service data and the previous service data information to the cloud early warning management module.
Preferably, the cloud security data comparison analysis further performs cloud security check on images which do not establish communication, establish communication and maintain communication according to grading.
Preferably, the cloud early warning management module comprises a cloud safety early warning module, a cloud safety early warning information module and a cloud safety early warning data module; the cloud security early warning module is used for receiving abnormal data information from the cloud security management module, acquiring complete abnormal data and normal service data before the abnormal data according to the data system identification, the service identification, the data identification and the user identification, and delivering the complete abnormal data and the normal service data to the cloud security early warning data module for storage; the cloud security early warning data module is used for storing data in a cloud security token early warning database; the cloud security early warning information module is used for sending early warning notifications in grades and types to an administrator according to the configuration of the cloud security grade configuration module.
Compared with the prior art, the invention has the following beneficial effects:
1. the invention solves the network security problem by a double-channel and three-layer structure security data mode, reduces the use cost of enterprises and facilitates the learning of users. And performing security check on a user-to-server request by adopting a mode of dynamically binding with a service system and a mode of configuring transfer detection management. The service line is checked while ensuring that the user, system, service functions are not "disturbed". And starting a security token of the user client in a multithreading mode to protect the driving of the client. And forming a double channel between the client and the service system end, and performing early warning on the cloud security token. The method adopts public network IP, local network IP, network card mac address and image (manual comparison display function, which can not be displayed through configuration) to convert the information circulation data into safety early warning of social level.
2. The cost is low, and the problems of hardware cost and compatibility do not exist; the use of the USB flash disk is transparent, so that the user can pay more attention to the safety of the service use rather than the safety of the USB flash disk; and detecting the full life cycle, wherein safety detection comprises three stages of disconnection, connection establishment and connection maintenance, and the all-round protection is realized on the service life cycle of the user service. The system has an early warning notification function, can notify an administrator and a user of problem data, records problem abnormal data and normal data before the abnormal data, and can be used as comparison early warning data.
3. The dynamic security code is adopted, a user or a server administrator does not need to input a password, the dynamic security code is encrypted, packaged and stored in the dual-channel storage module, and the dynamic security code, the dual-channel comparison and automatic comparison processes are safe; and for any channel with encryption problems and data comparison abnormal data problems, all-round safety detection and early warning can be carried out, including verification of various short messages or picture login.
4. The invention constructs the safety problem of the communication process of the user, the internet and the service server, but not the safety problem of the login entrance; the method and the system can acquire abnormal data of the account cracked by the robot, so that the problems of account cracking by the robot and the like are avoided by early warning or informing a service system to close the account, and the safety problem of a user is essentially solved.
5. The invention can adopt the data index management of the system multithreading for the data which is large in size and is dispersedly managed in a plurality of hard disks, a plurality of databases and a plurality of data tables. The method comprises the following steps of (1) performing multithread management technology according to performance optimization and data loading of a server CPU, a hard disk, a network and an index set; by adopting a data monitoring synchronization technology and taking multithreading data loading protection measures around, data errors caused by communication, error reporting and sequencing sequence dislocation are avoided, and data reading is accelerated while data correctness is guaranteed.
Drawings
Fig. 1 is a schematic structural principle diagram of the cloud security token early warning system of the present invention.
Fig. 2 is a schematic diagram of a structural principle of the cloud security token control module according to the present invention.
Fig. 3 is a schematic diagram of the structural principle of the security token module of the present invention.
Fig. 4 is a schematic structural diagram of the cloud security diagnostic module according to the present invention.
Fig. 5 is a schematic structural principle diagram of the cloud security management module according to the present invention.
Fig. 6 is a schematic structural principle diagram of the cloud early warning management module according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "upper", "lower", "inner", "outer", "front", "rear", "both ends", "one end", "the other end", and the like indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of describing the present invention and simplifying the description, but do not indicate or imply that the referred device or element must have a specific orientation, be configured in a specific orientation, and operate, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it is to be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "disposed," "connected," and the like are to be construed broadly, such as "connected," which may be fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
As shown in fig. 1, the cloud security token early warning system of the present invention includes a cloud security token control module, a security token module, a cloud security diagnosis module, a cloud security management module, and a cloud early warning management module. The cloud security token early warning system is initiated by an external user and service system, adopts a double-channel and three-layer structure, and comprehensively protects the user and the service system.
As shown in fig. 2, the cloud security token control module is composed of a cloud security token configuration module, a cloud security token transit module, a security token module starting module, a cloud security token marking module, and a cloud security diagnosis module starting module. And the cloud security token configuration module is used for connecting the service system by configuring the IP address, the port number, the service feature code and the security code of the service system. The system IP address and port number are used to identify the system to be protected. The service feature code is a service system server and user request identifier and is used for security check of the cloud security token early warning system. The safety code is a safety binding identifier of the service system and the cloud safety token early warning system, and is periodically replaced and encrypted according to the safety level. The cloud security token transfer module is used for carrying out security detection and forwarding on a user-to-service system request according to the IP address, the port number and the service feature code of the service system, and the transferred user request can continuously complete the function execution of the service system. This process is imperceptible or transparent to the user's actual operation. And the security token module starting module is used for detecting whether the user client starts the security token module or not, skipping the step if the user client starts the security token module, and informing the client of starting the security token module if the user client does not start the security token module. And the cloud security token marking module is used for carrying out security code identification on the transferred user request and ensuring the use of the user service function. And the cloud security diagnosis module starts a module, whether the cloud security diagnosis module is started or not is matched with the cloud security diagnosis module, if so, the step is skipped, and if not, the client is informed of starting the security token module.
As shown in fig. 3, the security token module is composed of a security token encapsulation module, a security token thread interception module, a security token close command module, a security token data module, and a security token information module. And the security token encapsulation module is used for encapsulating the ip address, the port number, the service feature code, the security code and the unique user identifier of the service system by using a security code encryption algorithm and storing the encapsulated IP address, the port number, the service feature code, the security code and the unique user identifier in the client security token module. And the safety token thread module is used for completely closing the client computer during the service system use period of the user (receiving a safety exit/closing instruction of the user), keeping the safety of the client service system in the whole application process and periodically sending safety information to the cloud safety management module. And the safety token closing command module is used for detecting closing commands of closing the service system, quitting the user and the like, closing the safety token of the client after receiving the corresponding command, and canceling the safety token encapsulation data. And the safety token thread interception module intercepts the safety token thread, restarts the safety token thread when the thread is wrong or interrupted, and establishes connection between the client safety token and the cloud safety management module. And the security token data module comprises a client public network IP, a local network IP, a network card mac address and media data. And the security token information module is used for encrypting and packaging the security token data module by adopting the latest security code and sending the security token data module to the cloud security management module.
As shown in fig. 4, the cloud security diagnosis module is composed of a cloud security diagnosis interception module, a first-class interception, a second-class interception, a cloud security diagnosis data module, and a cloud security diagnosis information module. And the cloud security diagnosis interception module acquires a service system request of the user in the cloud security token transfer module, and performs security check. And the request data is segmented into first-class interception and second-class interception according to the service feature codes. One type of interception is a user request that the user has not established communication with the service system. Class two interception is a user request for a user to establish and maintain communication with a service system. The first class interception and the second class interception acquire the public network IP, the local network IP, the network card mac address and the media data (or none) in the user request according to different scenes. And the cloud security diagnosis data module is used for packaging the requested public network IP, local network IP, network card mac address and media data (or not). And the cloud security diagnosis information module is used for encrypting and packaging the latest security code and sending the latest security code to the cloud security management module.
As shown in fig. 5, the cloud security management module includes a cloud security token information receiving module, a cloud security diagnosis information receiving module, a cloud security level configuration module, a cloud security data comparison and analysis module, and a cloud early warning starting module. The cloud security token information receiving module and the cloud security diagnosis information receiving module respectively receive security token data from the client and cloud security diagnosis data from the system server. The cloud security level configuration module is used for configuring security comparison, period and class I/II detection levels by the service system according to the requirements of the service system. Cloud security data comparison and analysis, namely cloud security check of public network IP, local network IP, network card mac address and image (manual comparison and display effect, which can not be displayed through configuration), similar to provinces, streets and house numbers, such as comparison of several items, no early warning of single item, classification according to grades, no communication establishment, communication establishment and communication maintenance. And the cloud early warning starting module is used for acquiring the ip address, the port number, the service feature code, the unique user identifier, the current service data and the previous service data information of the service system for the compared abnormal data and sending the obtained information to the cloud early warning management module.
As shown in fig. 6, the cloud early warning management module is composed of a cloud safety early warning module, a cloud safety early warning information module, and a cloud safety early warning data module. And the cloud safety early warning module is used for receiving abnormal data information from the cloud safety management module, acquiring complete data (abnormity) and previous business data according to the data system identifier, the business identifier, the data identifier and the user identifier, and delivering the complete data (abnormity) and the previous business data to the cloud safety early warning data module for storage. And the cloud security early warning data module is used for storing the data in a cloud security token early warning database. And the cloud security early warning information module is used for configuring the module according to the cloud security level, and notifying a configured corresponding administrator according to the level and the type.
The invention can be applied to various cloud security technical fields, for example, taking the application to an examination system as an example, in the examination process,
1) the account logs in the system without security token data;
2) the account logs in the cloud-free safety diagnosis data of the system;
3) the 2-time login contrast data is different;
4) the 1-time login data and the service request data are different;
5) the first service request and the second service request have different data;
multiple double-safety-channel application scenes are established through client safety tokens and cloud safety diagnosis, so that abnormal data can be found more quickly.
And comprehensively analyzing the captured abnormal data through the public network IP, the local network IP, the mac address of the network card, the image, the current service data and the previous service data.
Example 1: the examiner should take an examination in the north and the river, and the account number is logged in by the Shandong.
Example 2: the examiner should take an examination in xx university machine room, and local area network ip addresses of different machine rooms appear;
example 3: the examiner should use the examination computer and connect the notebook computer with cheating data by changing the network cable, so that the mac addresses are different;
example 4: the examination person has different goods laying image data;
example 5: 1 st question of the examination data of the examiner, and 10 th answer appears suddenly;
example 6: when the examiner uses the examination system, the user does not need to purchase ukey, accessories, authorization codes and the like;
example 7: when the examiner uses the examination system, the examiner does not need to input various bullet box verification codes, select unknown patterns in pictures and listen to sound recordings (color blindness problem, hearing problem, language problem, and foreign examinees do not have Chinese mobile phone number problem).
In conclusion, the invention solves the network security problem by a two-channel and three-layer structure security data mode, reduces the use cost of enterprises and facilitates the learning of users. And performing security check on a user-to-server request by adopting a mode of dynamically binding with a service system and a mode of configuring transfer detection management. The service line is checked while ensuring that the user, system, service functions are not "disturbed". And starting a security token of the user client in a multithreading mode to protect the driving of the client. And forming a double channel between the client and the service system end, and performing early warning on the cloud security token. The method adopts public network IP, local network IP, network card mac address and image (manual comparison display function, which can not be displayed through configuration) to convert the information circulation data into safety early warning of social level. The invention has lower cost and no hardware cost and compatibility problems; the use of the USB flash disk is transparent, so that the user can pay more attention to the safety of the service use rather than the safety of the USB flash disk; and detecting the full life cycle, wherein safety detection comprises three stages of disconnection, connection establishment and connection maintenance, and the all-round protection is realized on the service life cycle of the user service. The system has an early warning notification function, can notify an administrator and a user of problem data, records problem abnormal data and normal data before the abnormal data, and can be used as comparison early warning data. The dynamic security code is adopted, a user or a server administrator does not need to input a password, the dynamic security code is encrypted, packaged and stored in the dual-channel storage module, and the dynamic security code, the dual-channel comparison and automatic comparison processes are safe; and for any channel with encryption problems and data comparison abnormal data problems, all-round safety detection and early warning can be carried out, including verification of various short messages or picture login. The invention constructs the safety problem of the communication process of the user, the internet and the service server, but not the safety problem of the login entrance; the method and the system can acquire abnormal data of the account cracked by the robot, so that the problems of account cracking by the robot and the like are avoided by early warning or informing a service system to close the account, and the safety problem of a user is essentially solved. The invention can adopt the data index management of the system multithreading for the data which is large in size and is dispersedly managed in a plurality of hard disks, a plurality of databases and a plurality of data tables. The method comprises the following steps of (1) performing multithread management technology according to performance optimization and data loading of a server CPU, a hard disk, a network and an index set; by adopting a data monitoring synchronization technology and taking multithreading data loading protection measures around, data errors caused by communication, error reporting and sequencing sequence dislocation are avoided, and data reading is accelerated while data correctness is guaranteed.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (10)
1. The utility model provides a cloud security token early warning system, external user and service system which characterized in that: it includes:
the cloud security token control module is used for connecting the service system to be loaded, carrying out security check on the user to be loaded and the service system, diagnosing whether the security token module is started or not, and sending a security token module starting notice to the user if the security token module is not started;
the security token module is used for packaging the security code at the user side, encrypting and packaging the security code and sending the security code to the cloud security management module;
the cloud security diagnosis module is used for acquiring a request of a user for the service system and carrying out security check; classifying the request data, encrypting and packaging the security codes, and sending the security codes to a cloud security management module;
the cloud security management module is used for receiving security token data from the client and cloud security diagnosis data from the system server, and sending the abnormal data and the acquired service system data to the cloud early warning management module;
and the cloud early warning management module is used for receiving and storing abnormal data information from the cloud security management module and sending early warning notification to a corresponding administrator according to the classification and the type of the instruction of the cloud security management module.
2. The cloud security token early warning system of claim 1, wherein: the cloud security token control module comprises a cloud security token configuration module, a cloud security token transfer module, a security token module starting module, a cloud security token marking module and a cloud security diagnosis module starting module; the cloud security token configuration module is used for connecting the service system by configuring an IP address of the service system, a port number of the service system, a service feature code and a security code of the service system; the cloud security token transfer module carries out security detection and transfer on a request from a user to a service system according to the IP address of the service system, the port number of the service system and the service feature code; the security token module starting module is used for detecting whether the user client starts the security token module or not, and if not, the client is informed to start the security token module; the cloud security token marking module is used for carrying out service system security code identification on the transferred user request to ensure the use of user service functions; the cloud security diagnosis module starting module is used for judging whether the cloud security diagnosis module is started or not, and if not, informing the client to start the security token module.
3. The cloud security token early warning system of claim 2, wherein: the service system IP address and the service system port number are used for identifying a protection system to be pre-warned; the service feature code is a service system server and a user request identifier and is used for carrying out security check; the service system security code is a binding identifier of the cloud security token early warning system and the service system, and is periodically replaced and encrypted according to the security level.
4. The cloud security token early warning system of claim 3, wherein: the security token module comprises a security token encapsulation module, a security token thread interception module, a security token closing command module, a security token data module and a security token information module; the security token encapsulation module is used for encapsulating the service system IP address, the service system port number, the service feature code, the service system security code and the user unique identifier by using a security code encryption algorithm and storing the security token encapsulation module in the client security token module; the safety token thread module is used for keeping the safety of the client service system in the whole application process when a user uses the service system or a client of the service system is disconnected with a server of the service system, and periodically sending safety information to the cloud safety management module; the safety token closing command module is used for detecting a service system closing command and a user quitting/closing command, closing a client safety token after receiving the corresponding command, and cancelling safety token encapsulation data; the safety token thread monitoring module is used for monitoring the safety token thread, restarting the safety token thread when the thread is wrong or interrupted, and reestablishing the connection between the client safety token and the cloud safety management module; the security token data module comprises a client public network IP, a local network IP, a network card mac address and media data; and the security token information module is used for encrypting and packaging the security token data module by adopting the latest security code and sending the security token data module to the cloud security management module.
5. The cloud security token early warning system of claim 4, wherein: the cloud security diagnosis module comprises a cloud security diagnosis interception module, a cloud security diagnosis data module and a cloud security diagnosis information module; the cloud security diagnosis interception module is used for acquiring a request of a user for a service system in the cloud security token transit module, performing security check, and segmenting request data into first-class interception and second-class interception according to service feature codes; the cloud security diagnosis data module is used for packaging the public network IP, the local network IP and the network card mac address of the request; the cloud security diagnosis information module is used for encrypting and packaging the latest security codes and sending the latest security codes to the cloud security management module.
6. The cloud security token early warning system of claim 5, wherein: the interception is a user request that a user does not establish communication with a service system; the second type interception is a user request for establishing and maintaining communication between a user and a service system; and the first-class interception or the second-class interception acquires the public network IP, the local network IP and the network card mac address in the user request according to different scenes.
7. The cloud security token early warning system of claim 6, wherein: the first-class interception or the second-class interception also acquires media data in a user request according to different scenes; the cloud security diagnostic data module also packages media data.
8. The cloud security token early warning system of claim 7, wherein: the cloud security management module comprises a cloud security token information receiving module, a cloud security diagnosis information receiving module, a cloud security level configuration module, a cloud security data comparison analysis module and a cloud early warning starting module; the cloud security token information receiving module and the cloud security diagnosis information receiving module respectively receive security token data from a client and cloud security diagnosis data from a system server; the cloud security level configuration module is used for configuring security comparison, period and class I/II detection levels according to the requirements of the business system; the cloud security data comparison analysis is used for carrying out cloud security check on public network IP (Internet protocol), local area network IP and network card mac addresses which do not establish communication, establish communication and maintain communication according to grade division; the cloud early warning starting module is used for sending the compared abnormal data, the obtained service system IP address, the service system port number, the obtained service feature code, the unique user identification, the current service data and the previous service data information to the cloud early warning management module.
9. The cloud security token early warning system of claim 8, wherein: and the cloud security data comparison analysis also carries out cloud security check on images which do not establish communication, establish communication and maintain communication according to the grade division.
10. The cloud security token early warning system of claim 9, wherein: the cloud early warning management module comprises a cloud safety early warning module, a cloud safety early warning information module and a cloud safety early warning data module; the cloud security early warning module is used for receiving abnormal data information from the cloud security management module, acquiring complete abnormal data and normal service data before the abnormal data according to the data system identification, the service identification, the data identification and the user identification, and delivering the complete abnormal data and the normal service data to the cloud security early warning data module for storage; the cloud security early warning data module is used for storing data in a cloud security token early warning database; the cloud security early warning information module is used for sending early warning notifications in grades and types to an administrator according to the configuration of the cloud security grade configuration module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110133780.7A CN112910657B (en) | 2021-02-01 | 2021-02-01 | Cloud security token early warning system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110133780.7A CN112910657B (en) | 2021-02-01 | 2021-02-01 | Cloud security token early warning system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112910657A true CN112910657A (en) | 2021-06-04 |
| CN112910657B CN112910657B (en) | 2023-09-26 |
Family
ID=76122425
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110133780.7A Active CN112910657B (en) | 2021-02-01 | 2021-02-01 | Cloud security token early warning system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112910657B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115987579A (en) * | 2022-12-07 | 2023-04-18 | 南京鼎山信息科技有限公司 | Data processing method and data processing system based on big data and Internet of things communication |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140344153A1 (en) * | 2013-05-15 | 2014-11-20 | Thanigaivel Ashwin Raj | Mobile tokenization hub |
| US20170288872A1 (en) * | 2014-12-23 | 2017-10-05 | Feitian Technologies Co., Ltd. | Activating mobile terminal token method |
| US10033732B1 (en) * | 2016-11-09 | 2018-07-24 | Symantec Corporation | Systems and methods for detecting cloning of security tokens |
| US20180332472A1 (en) * | 2014-12-29 | 2018-11-15 | Feitian Technologies Co., Ltd. | Device and system operating method for online activation of mobile terminal token |
| US10826895B1 (en) * | 2018-10-04 | 2020-11-03 | State Farm Mutual Automobile Insurance Company | System and method for secure authenticated user session handoff |
-
2021
- 2021-02-01 CN CN202110133780.7A patent/CN112910657B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140344153A1 (en) * | 2013-05-15 | 2014-11-20 | Thanigaivel Ashwin Raj | Mobile tokenization hub |
| US20170288872A1 (en) * | 2014-12-23 | 2017-10-05 | Feitian Technologies Co., Ltd. | Activating mobile terminal token method |
| US20180332472A1 (en) * | 2014-12-29 | 2018-11-15 | Feitian Technologies Co., Ltd. | Device and system operating method for online activation of mobile terminal token |
| US10033732B1 (en) * | 2016-11-09 | 2018-07-24 | Symantec Corporation | Systems and methods for detecting cloning of security tokens |
| US10826895B1 (en) * | 2018-10-04 | 2020-11-03 | State Farm Mutual Automobile Insurance Company | System and method for secure authenticated user session handoff |
Non-Patent Citations (1)
| Title |
|---|
| 罗建军等: "基于VMI药品制造供应链管理模式研究", 武汉纺织大学学报 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115987579A (en) * | 2022-12-07 | 2023-04-18 | 南京鼎山信息科技有限公司 | Data processing method and data processing system based on big data and Internet of things communication |
| CN115987579B (en) * | 2022-12-07 | 2023-09-15 | 南京鼎山信息科技有限公司 | Data processing method and data processing system based on big data and Internet of things communication |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112910657B (en) | 2023-09-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1755639A (en) | Security state monitor | |
| CN101848373A (en) | Wireless video monitoring system and video monitoring method thereof | |
| CA2799170C (en) | System and method for monitoring an area using nfc tags | |
| CN112562843A (en) | Epidemic situation management system, epidemic situation management method, equipment and storage medium | |
| TW200817929A (en) | Intelligent video verification of point of sale (POS) transactions | |
| CN105678193B (en) | A kind of anti-tamper treating method and apparatus | |
| CN112953971B (en) | Network security flow intrusion detection method and system | |
| CN110049028A (en) | Monitor method, apparatus, computer equipment and the storage medium of domain control administrator | |
| CN108833447A (en) | A kind of IP Camera weak passwurd detection method and system | |
| US8860807B2 (en) | Real time physical asset inventory management through triangulation of video data capture event detection and database interrogation | |
| CN106934576A (en) | Chief storekeeper's method and system based on net cast | |
| US11790638B2 (en) | Monitoring devices at enterprise locations using machine-learning models to protect enterprise-managed information and resources | |
| CN114024734B (en) | Intelligent network security detection and analysis system based on UEBA | |
| CN112910657A (en) | Cloud security token early warning system | |
| CN109740365B (en) | Internet information security storage system with anti-theft mechanism | |
| CN109726576A (en) | A kind of computer encryption system using RFID identification system | |
| CN110636077A (en) | Network security protection system and method based on unified platform | |
| CN108600006A (en) | A kind of Computer Data Security monitoring system | |
| CN114374530A (en) | IDS system and detection method for monitoring and analyzing based on real-time network flow | |
| CN105959147A (en) | Command storage method, client and center server | |
| CN102404161B (en) | Method and universal serial bus (USB) equipment for detecting secret leakage | |
| CN110533377A (en) | Project monitoring and managing method, electronic device and readable storage medium storing program for executing | |
| CN114884993B (en) | Virtualized android system for enhancing data security | |
| CN110912869A (en) | Big data-based monitoring and reminding method | |
| CN115277230B (en) | Method, device, equipment and storage medium for monitoring server login abnormality |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20211223 Address after: 430000, No.1, Zhifang Road, Hongshan District, Wuhan City, Hubei Province Applicant after: Wuhan Textile University Applicant after: Wuhan Yuzhilian Information Technology Co.,Ltd. Address before: Room 301, 4 / F (1-4), building 5, international enterprise center, No.1, Guanshan 2nd Road, Donghu New Technology Development Zone, Wuhan City, Hubei Province, 430000 Applicant before: Wuhan Yuzhilian Information Technology Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |