CN113037719B - Security interface gateway system based on return access address - Google Patents

Security interface gateway system based on return access address Download PDF

Info

Publication number
CN113037719B
CN113037719B CN202110214641.7A CN202110214641A CN113037719B CN 113037719 B CN113037719 B CN 113037719B CN 202110214641 A CN202110214641 A CN 202110214641A CN 113037719 B CN113037719 B CN 113037719B
Authority
CN
China
Prior art keywords
platform
path
sub
token
gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110214641.7A
Other languages
Chinese (zh)
Other versions
CN113037719A (en
Inventor
苏浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujian Kunmo Information Technology Co ltd
Original Assignee
Fujian Kunmo Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujian Kunmo Information Technology Co ltd filed Critical Fujian Kunmo Information Technology Co ltd
Priority to CN202110214641.7A priority Critical patent/CN113037719B/en
Publication of CN113037719A publication Critical patent/CN113037719A/en
Application granted granted Critical
Publication of CN113037719B publication Critical patent/CN113037719B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses a safety interface gateway system based on return access address, comprising: the method comprises the steps that a third-party platform and a security interface gateway exchange key module, the third-party platform obtains a security interface gateway token module, the third-party platform obtains a subsystem token module, and the third-party platform calls a subsystem function interface module by using the security interface gateway token, the token of the subsystem and a digital signature; the invention can uniformly schedule, authenticate and can provide different interface access authorities for different third parties. All operations can also be uniformly recorded in a log, and the sub-platform address, the account number and the password are protected and are not exposed to a third party; different accounts, passwords and authorities do not need to be set for different third parties independently, and authority maintenance is easier to perform.

Description

Safety interface gateway system based on return access address
Technical Field
The invention belongs to the technical field of gateways, and particularly relates to a security interface gateway system based on a return access address.
Background
At present, a software ecosphere generally provides interface services through cooperation among a plurality of platforms or to the outside, and a third party often needs to provide a corresponding access address, an account and a password when needing to interact with a sub-platform. If a plurality of sub-platforms need to be called, a plurality of sets of account passwords exist, each account password and authority need to be set in the corresponding platform or system, and platform maintenance personnel and user personnel are troublesome. Meanwhile, a third-party caller needs to provide information such as a plurality of platform access addresses, account numbers, passwords and the like, and the security is not very high.
Disclosure of Invention
The invention aims to overcome the defects and provides a security interface gateway system based on a return access address, which comprises:
the third-party platform and the security interface gateway exchange key module are used for firstly applying corresponding account number and password, RSAwithMD5 key pairs and configuring account numbers, passwords and access rights of corresponding sub-platform interfaces when the third-party platform uses the security interface gateway;
the third party platform acquires a security interface gateway token module: a token for the caller to use the authentication information to obtain the secure interface gateway;
the third party platform acquires a sub-platform token module: the system comprises a security interface gateway, a token and a sub-platform, wherein the security interface gateway is used for calling an interface packaged by a corresponding sub-platform through the security interface gateway to perform sub-platform authentication and acquire related path information and the token of the sub-platform; a calling party initiates a request through a related path, and the security interface gateway performs authority verification on the request path, analyzes the path into a real sub-platform path and acquires an account password of a corresponding sub-platform; replacing the path, the account and the password in the calling request of the calling party with the actual path, the account and the password information of the sub-platform, and forwarding the token of the sub-platform to the sub-platform; the sub-platform returns an authentication result to the security interface gateway, and the security gateway encapsulates path information in the returned authentication information into a security gateway address according to an address encapsulation rule; then forwarding the returned header and the encapsulated information to the caller;
the third party platform uses the security interface gateway token, the token of the sub-platform, the digital signature to call the sub-platform functional interface module, and the caller requests the sub-platform functional interface from the gateway and needs to add 2 pieces of authentication information at the head: token of security gateway and token of sub-platform, 1 signature: signature based on RSAwithMD 5; the request path is a packaged security interface gateway path acquired during the certification of the sub-platform, and other request methods and information are in a sub-platform standard format; after receiving the request of the caller, the security gateway carries out security gateway token, interface authority and signature verification in sequence, then carries out request path analysis and forwards the head and data to the sub-platform according to the analyzed address; and after receiving the information returned by the sub-platform, the security gateway encapsulates the url information in the data according to the encapsulation address rule, signs according to the signature rule and returns the url information to the third party caller.
The address encapsulation rule is as follows: base64 encoding of the security interface gateway master address/interface type returned by the sub-platform/path information returned by the sub-platform.
The signature rule is as follows: the signature generated by encrypting the requested functional path + parameter + body using the RSAwithMD5 using the private key is stored in the header information.
The address resolution rule is as follows: and (3) the base64 encoding in the encapsulation address of the request is analyzed into a sub-platform real path and replaced into a main request path, and the base64 encoding following functional path is kept unchanged.
When the safety interface gateway system works, an authentication request is initiated to the gateway, and parameters are as follows: account number, password, user type;
verifying the account number, the password and the user type;
returning to a security interface gateway token;
initiating an OpenStack authentication request to a gateway, wherein the parameters comprise OpenStack standard authentication interface parameters and a security interface gateway token;
verifying a security interface gateway token and an interface access authority;
acquiring OpenStack authentication information from a database, and replacing the authentication information in the third party request;
initiating an authentication request to an OpenStack platform;
an OpenStack platform authentication request;
returning an OpenStack platform authentication result;
the safety interface gateway packages the path information in the authentication result of the OpenStack platform;
returning authentication information to a third-party platform, wherein the authentication information comprises the token and the node information of the OpenStack;
initiating an OpenStack functional interface call request to a security interface gateway, wherein the request path is a packaged path, and the request parameters are OpenStack standard authentication interface parameters, security interface gateway token, token of OpenStack and digital signature;
verifying a token of a security interface gateway, an interface calling authority, a token of an OpenStack and a digital signature;
decrypting the request path called by the third party according to the path decryption rule to obtain a real OpenStack access path;
forwarding a third-party platform request according to the real OpenStack access path;
OpenStack processes the request;
returning OpenStack data;
if the OpenStack data contains path data, packaging and replacing the path according to a path packaging rule;
adding a digital signature of the returned data in the header information according to the signature rule;
and returning the encapsulated data to the third-party platform.
The invention has the following effects: 1. unified scheduling, authentication and authorization can provide different interface access authorities for different third parties. All operations may also be logged uniformly. 2. Protecting the sub-platform address, the account number and the password from being exposed to a third party; different accounts, passwords and authorities do not need to be independently set for different third parties, and authority maintenance is easier to perform. 3. The request and response data are encrypted bidirectionally (RSAwithMD5) to ensure data security. 4. The interface rules of the sub-platform are completely followed, and the sub-platform does not need to be modified. 5. The invention only encodes the main path and adds corresponding authentication and key information in the header in the original direct calling mode without changing the original calling mode and data format, thereby greatly saving the secondary development cost of the calling party.
Detailed Description
The invention is further illustrated by the following specific examples:
a return access address based secure interface gateway system comprising:
the safety interface gateway provides functions of authentication, digital signature, URL encapsulation and the like, provides data safety interaction between a third-party platform and a sub-platform, and is mainly realized by four parts: the third party platform and the secure interface gateway exchange keys. And the third party platform acquires a security interface gateway token. And the third-party platform acquires the token of the sub-platform. And the third party platform calls the functional interface of the sub-platform by using the security interface gateway token, the token of the sub-platform and the digital signature.
The third party platform and the security interface gateway exchange keys: when using the security interface gateway, the third-party platform (caller) first applies for a corresponding account password and RSAwithMD5 key pair (since bidirectional authentication is used, the caller also needs to provide a set of key pair and provide a public key to the security interface gateway), and configures the account, password and access right of the corresponding sub-platform interface.
The third party platform acquires a security interface gateway token: and the caller acquires the token of the security interface gateway by using the authentication information. When a caller uses the authentication information to obtain a token of the security interface gateway, the caller can extract the authentication information, the authentication information comprises normal authentication information and abnormal authentication information, and a test set and a training set are obtained from the authentication information; collecting lexical analysis data of the authentication information, labeling identification symbols on the lexical analysis data, collecting syntax trees of the authentication information to generate a plurality of syntax tree nodes, adding label vectors, drawing CFG (computational fluid dynamics) of the authentication information, and connecting the nodes to function call nodes with data interrelations to obtain a source code relational graph of the authentication information; constructing a multi-dimensional eigenvector space, extracting variable name values of authentication information and permutation combinations of the variable names and the operational characters, wherein the first permutation combination is associated with the 1 st bit of the eigenvector, the second permutation combination is associated with the 2 nd bit of the eigenvector, and numbers in the eigenvector correspond to different variable name value values or the occurrence times of the permutation combinations; storing the times corresponding to the features in the positions in the corresponding vector space to obtain eigenvectors; inputting the eigenvector into a classifier comprising a plurality of decision trees for training, and constructing P judgment models for the trained classifier comprising the decision trees, wherein the P judgment models are used for detecting abnormal authentication information in the authentication information, the 1 st judgment model consists of two classifiers, and the P judgment model consists of one classifier; wherein i is an integer of 1 to P-1; if the judgment results of the two classifiers in the ith judgment model are the same, judging that the task is finished; if the judgment results of the two classifiers in the ith judgment model are different, continuing to judge through the (i + 1) th judgment model; if the judgment results obtained by the two classifiers in the P-1 judgment model are different, judging through a P judgment model, wherein the P judgment model obtains the judgment result based on one classifier in the N judgment model; when P is 3, namely a first judgment model, a second judgment model and a third judgment model; the first judgment model is composed of a classifier of the structured semantic representation of the first authentication information and the structured semantic representation of the second authentication information; the second judgment model is composed of a classifier of structured semantic representation of third authentication information and structured semantic representation of fourth authentication information; the third judgment model is composed of a classifier represented by the structured semantic representation of third authentication information or a classifier represented by the structured semantic representation of fourth authentication information, the structured semantic representation of the first authentication information, the structured semantic representation of the second authentication information, the structured semantic representation of the third authentication information and the structured semantic representation of the fourth authentication information respectively select one of lexical analysis data, syntax tree, CFG and source code relational graph, the first authentication information characteristic is an arrangement combination of a variable name and an operator, and the second authentication information characteristic is a variable name value; or, the first authentication information characteristic is a variable name value, and the second authentication information characteristic is a permutation and combination of a variable name and an operator. The first judgment model consists of a classifier which is trained by the permutation and combination of variable names and operational characters of syntax trees and comprises a plurality of decision trees, and a classifier which is trained by the variable name values of lexical analysis data and comprises a plurality of decision trees; the second judgment model consists of a classifier which is trained by the permutation and combination of the variable name and the operational character of the CFG and comprises a plurality of decision trees, and a classifier which is trained by the variable name value of the source code relational graph and comprises a plurality of decision trees; the third judgment model is composed of a classifier which is trained by the permutation and combination of variable names and operators of the source code relational graph and comprises a plurality of decision trees. And the platform is prevented from being invaded by detecting abnormal authentication information.
The third party platform acquires a token of the sub-platform: and after the caller takes the token, the secure interface gateway calls the interface encapsulated by the corresponding sub-platform to carry out sub-platform authentication and acquire the relevant path information and the token of the sub-platform. The caller initiates a request through a related path, and the security interface gateway performs operations of authority verification on the request path, path analysis into a real sub-platform path, account password acquisition of a corresponding sub-platform and the like. And replacing the path, the account and the password in the calling request of the calling party with the actual path, account and password information of the sub-platform, and forwarding the token of the sub-platform to the sub-platform. The sub-platform returns the authentication result to the security interface gateway, and the security gateway encapsulates the path information in the returned authentication information into a security gateway address according to an address encapsulation rule (the address encapsulation rule is shown at the end of the current chapter). The returned header and encapsulated information is then forwarded to the caller.
The third party platform uses the security interface gateway token, the token of the sub-platform and the digital signature to call the functional interface of the sub-platform: the caller requests the sub-platform functional interface from the gateway and needs to add 2 pieces of authentication information at the header: token of security gateway and token of sub-platform, 1 signature: signature based on RSAwithMD5 (see the signature rule at the end of this chapter). The request path is a packaged security interface gateway path acquired during the certification of the sub-platform, and other request methods and information are in a sub-platform standard format. After receiving the request of the caller, the security gateway carries out security gateway token, interface authority and signature verification in sequence, then carries out request path analysis and forwards the head and data to the sub-platform according to the analyzed address. And after receiving the information returned by the sub-platform, the security gateway encapsulates the url information in the data according to the encapsulation address rule, signs according to the signature rule (the rule is shown at the end of the current chapter), and returns the information to the third-party caller.
And (3) address encapsulation rules: base64 encoding of the security interface gateway master address/interface type returned by the sub-platform/path information returned by the sub-platform.
Signature rules: the signature generated by encrypting the requested functional path + parameter + body using the RSAwithMD5 using the private key is stored in the header information.
The address resolution rule is as follows: and (3) the base64 encoding in the encapsulation address of the request is analyzed into a sub-platform real path and replaced into a main request path, and the base64 encoding following functional path is kept unchanged.
In a medical cloud management platform project, an OpenStack interface needs to be provided for a disaster recovery platform to complete related functions of disaster recovery, and a safety interface gateway scheme is used in consideration of problems of safety, authority control and the like.
And configuring information such as a disaster recovery platform account number, a password, an interface authority, a secret key and the like on the medical cloud and cloud management platform.
And the interface calling is completed according to the following steps:
1. initiating an authentication request to the gateway, wherein the parameters are as follows: account number, password, user type.
2. And verifying the account number, the password and the user type.
3. And returning to the security interface gateway token.
4. And initiating an OpenStack authentication request to the gateway, wherein the parameters comprise OpenStack standard authentication interface parameters and a security interface gateway token.
5. And verifying the token and the interface access authority of the safety interface gateway.
6. And acquiring OpenStack authentication information from the database, and replacing the authentication information in the third party request.
7. And initiating an authentication request to the OpenStack platform.
An OpenStack platform authentication request.
9. And returning an OpenStack platform authentication result.
10. And the safety interface gateway encapsulates the path information in the authentication result of the OpenStack platform.
11. And returning authentication information to the third-party platform, wherein the authentication information comprises the token and the node information of the OpenStack.
12. And initiating an OpenStack functional interface call request to the security interface gateway, wherein the request path is a packaged path, and the request parameters are OpenStack standard authentication interface parameters, security interface gateway token, token of OpenStack and digital signature.
13. And verifying the token of the security interface gateway, the interface calling authority, the token of the OpenStack and the digital signature.
14. And decrypting the request path called by the third party according to the path decryption rule to obtain a real OpenStack access path.
15. And forwarding the third-party platform request according to the real OpenStack access path.
OpenStack processes the request.
17. And returning OpenStack data.
18. And if the OpenStack data contains path data, packaging and replacing the path according to a path packaging rule.
19. And adding the digital signature of the returned data in the header information according to the signature rule.
20. And returning the packaged data to the third-party platform.
Wherein, the address encapsulation rule is as follows: base64 encoding of the security interface gateway master address/interface type returned by the sub platform/path information returned by the sub platform.
Before packaging
Figure GDA0003562810470000101
After packaging
Figure GDA0003562810470000102
Signature rules: the signature generated by encrypting the requested functional path + parameter + body using the RSAwithMD5 using the private key is stored in the header information.
Taking the example of a query mirror list interface, which is a GET call, without parameters and body signature part, only for path part signature (red part):
https://172.168.11.11/api/OpenStack/rest/image/aHR0cDovLzE3Mi4xNjguMTEuMjA5OjkyOTI=/v2/images
and (4) storing in the head:
Figure GDA0003562810470000111
the address resolution rule is: and (3) the base64 encoding in the encapsulation address of the request is analyzed into a sub-platform real path and replaced into a main request path, and the base64 encoding following functional path is kept unchanged.
Taking the interface of the query mirror list as an example, before analysis:
https://172.168.11.11/api/OpenStack/rest/image/aHR0cDovLzE3Mi4xNjguMTEuMjA5OjkyOTI=/v2/images
after analysis:
http://172.168.11.209:9292/v2/images。

Claims (5)

1. a return access address based secure interface gateway system comprising:
the third-party platform and the security interface gateway exchange key module are used for firstly applying corresponding account number and password, RSAwithMD5 key pairs and configuring account numbers, passwords and access rights of corresponding sub-platform interfaces when the third-party platform uses the security interface gateway;
the third party platform acquires a security interface gateway token module: a token for the caller to use the authentication information to obtain the secure interface gateway;
the third party platform acquires a sub-platform token module: the system comprises a security interface gateway, a token and a sub-platform, wherein the security interface gateway is used for calling an interface packaged by a corresponding sub-platform through the security interface gateway to perform sub-platform authentication and acquire related path information and the token of the sub-platform; a calling party initiates a request through a related path, and the security interface gateway performs authority verification on the request path, analyzes the path into a real sub-platform path and acquires an account password of a corresponding sub-platform; replacing the path, the account and the password in the calling request of the calling party with the actual path, the account and the password information of the sub-platform, and forwarding the token of the sub-platform to the sub-platform; the sub-platform returns an authentication result to the security interface gateway, and the security gateway encapsulates path information in the returned authentication information into a security gateway address according to an address encapsulation rule; then forwarding the returned header and the encapsulated information to the caller;
the third party platform uses the security interface gateway token, the token of the sub-platform, the digital signature to call the sub-platform functional interface module, and the caller requests the sub-platform functional interface from the gateway and needs to add 2 pieces of authentication information at the head: token of security gateway and token of sub-platform, 1 signature: signature based on RSAwithMD 5; the request path is a packaged security interface gateway path acquired during the certification of the sub-platform, and other request methods and information are in a sub-platform standard format; after receiving the request of the caller, the security gateway carries out security gateway token, interface authority and signature verification in sequence, then carries out request path analysis and forwards the head and data to the sub-platform according to the analyzed address; and after receiving the information returned by the sub-platform, the security gateway encapsulates the url information in the data according to the encapsulation address rule, signs according to the signature rule and returns the information to the third-party caller.
2. The return access address based secure interface gateway system of claim 1, wherein the address encapsulation rule: base64 encoding of the security interface gateway master address/interface type returned by the sub-platform/path information returned by the sub-platform.
3. A return access address based secure interface gateway system according to claim 1 or 2, wherein the signature rule is: the signature generated by encrypting the requested functional path + parameter + body using the RSAwithMD5 using the private key is stored in the header information.
4. A return access address based secure interface gateway system according to claim 1 or 2, wherein the address resolution rule is: and (3) the base64 encoding in the encapsulation address of the request is analyzed into a sub-platform real path and replaced into a main request path, and the base64 encoding following functional path is kept unchanged.
5. The return access address based secure interface gateway system of claim 4, wherein: when the safety interface gateway system works, an authentication request is initiated to the gateway, and parameters are as follows: account number, password, user type;
verifying the account number, the password and the user type;
returning to a security interface gateway token;
initiating an OpenStack authentication request to a gateway, wherein the parameters comprise OpenStack standard authentication interface parameters and a security interface gateway token;
verifying a security interface gateway token and an interface access authority;
acquiring OpenStack authentication information from a database, and replacing the authentication information in the third party request;
initiating an authentication request to an OpenStack platform;
an OpenStack platform authentication request;
returning an OpenStack platform authentication result;
the safety interface gateway packages the path information in the authentication result of the OpenStack platform;
returning authentication information to a third-party platform, wherein the authentication information comprises the token and the node information of the OpenStack;
initiating an OpenStack functional interface call request to a security interface gateway, wherein the request path is a packaged path, and the request parameters are OpenStack standard authentication interface parameters, security interface gateway token, token of OpenStack and digital signature;
verifying a token of a security interface gateway, an interface calling authority, a token of an OpenStack and a digital signature;
decrypting the request path called by the third party according to the path decryption rule to obtain a real OpenStack access path;
forwarding a third-party platform request according to the real OpenStack access path;
OpenStack processes the request;
returning OpenStack data;
if the OpenStack data contains path data, packaging and replacing the path according to a path packaging rule;
adding a digital signature of the returned data in the header information according to the signature rule;
and returning the encapsulated data to the third-party platform.
CN202110214641.7A 2021-02-25 2021-02-25 Security interface gateway system based on return access address Active CN113037719B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110214641.7A CN113037719B (en) 2021-02-25 2021-02-25 Security interface gateway system based on return access address

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110214641.7A CN113037719B (en) 2021-02-25 2021-02-25 Security interface gateway system based on return access address

Publications (2)

Publication Number Publication Date
CN113037719A CN113037719A (en) 2021-06-25
CN113037719B true CN113037719B (en) 2022-09-20

Family

ID=76461940

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110214641.7A Active CN113037719B (en) 2021-02-25 2021-02-25 Security interface gateway system based on return access address

Country Status (1)

Country Link
CN (1) CN113037719B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113419713A (en) * 2021-07-20 2021-09-21 国家电网有限公司客户服务中心 API packaging arrangement method for network national network service capability
CN116996493B (en) * 2023-09-27 2024-01-23 国网北京市电力公司 Method, system, equipment and medium for requesting operation interface of artificial intelligent platform

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741817A (en) * 2008-11-21 2010-06-16 中国移动通信集团安徽有限公司 System, device and method for multi-network integration
CN111800397A (en) * 2020-06-23 2020-10-20 四川虹美智能科技有限公司 Login method, device and system of intangible asset management platform
CN111865920A (en) * 2020-06-18 2020-10-30 多加网络科技(北京)有限公司 Gateway authentication and identity authentication platform and method thereof

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10536449B2 (en) * 2015-09-15 2020-01-14 Mimecast Services Ltd. User login credential warning system
US20200045037A1 (en) * 2018-07-31 2020-02-06 Salesforce.Com, Inc. Token store service for platform authentication

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741817A (en) * 2008-11-21 2010-06-16 中国移动通信集团安徽有限公司 System, device and method for multi-network integration
CN111865920A (en) * 2020-06-18 2020-10-30 多加网络科技(北京)有限公司 Gateway authentication and identity authentication platform and method thereof
CN111800397A (en) * 2020-06-23 2020-10-20 四川虹美智能科技有限公司 Login method, device and system of intangible asset management platform

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于数字证书的openstack身份认证协议;朱智强;《通信学报》;20190228;全文 *

Also Published As

Publication number Publication date
CN113037719A (en) 2021-06-25

Similar Documents

Publication Publication Date Title
JP6941146B2 (en) Data security service
CN111447214B (en) Method for centralized service of public key and cipher based on fingerprint identification
US8447983B1 (en) Token exchange
CN113037719B (en) Security interface gateway system based on return access address
US8990553B2 (en) Perimeter encryption method and system
US20110035582A1 (en) Network authentication service system and method
CN106685973A (en) Method and device for remembering log in information, log in control method and device
CN108537314A (en) Product marketing system and method based on Quick Response Code
CN108881327A (en) A kind of computer internet information safety control system based on cloud computing
CN107196761B (en) A kind of method of core function in protection application program
CN106992851A (en) TrustZone-based database file password encryption and decryption method and device and terminal equipment
CN107294921A (en) The processing method and processing device that a kind of web terminal is accessed
CN105262592A (en) Data interaction method and API interface
CN110177134A (en) A kind of security password manager and its application method based on cloudy storage
CN112131564A (en) Encrypted data communication method, apparatus, device, and medium
CN109614789A (en) A kind of verification method and equipment of terminal device
CN112347451A (en) MES data management tracking method and system based on block chain technology
CN112416597A (en) System calling method and device, computer equipment and storage medium
CN112865965B (en) Train service data processing method and system based on quantum key
US11695740B2 (en) Anonymization method and apparatus, device, and storage medium
CN113918977A (en) User information transmission device based on Internet of things and big data analysis
CN113014572A (en) Message communication system, method and device
KR100803357B1 (en) Method and apparatus for enhancing the security of database
CN115033925B (en) Database security retrieval method
CN113676446B (en) Communication network safety error-proof control method, system, electronic equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20220824

Address after: Room A, 22nd Floor, Building 1, Area F, Fuzhou Software Park, No. 89, Software Avenue, Gulou District, Fuzhou City, Fujian Province, 350001

Applicant after: Fujian Kunmo Information Technology Co.,Ltd.

Address before: No.746, Xiongchu Avenue, Hongshan District, Wuhan City, Hubei Province, 430000

Applicant before: Su Hao

GR01 Patent grant
GR01 Patent grant