CN113259383B - Cross-domain communication system - Google Patents

Cross-domain communication system Download PDF

Info

Publication number
CN113259383B
CN113259383B CN202110674705.1A CN202110674705A CN113259383B CN 113259383 B CN113259383 B CN 113259383B CN 202110674705 A CN202110674705 A CN 202110674705A CN 113259383 B CN113259383 B CN 113259383B
Authority
CN
China
Prior art keywords
server
subsystem
domain
security
cloud platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110674705.1A
Other languages
Chinese (zh)
Other versions
CN113259383A (en
Inventor
李庚�
孟祥飞
冯景华
庞晓磊
徐斌
田杨
贾子傲
李菲菲
孙福兴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National Supercomputer Center In Tianjin
Original Assignee
National Supercomputer Center In Tianjin
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National Supercomputer Center In Tianjin filed Critical National Supercomputer Center In Tianjin
Priority to CN202110674705.1A priority Critical patent/CN113259383B/en
Publication of CN113259383A publication Critical patent/CN113259383A/en
Application granted granted Critical
Publication of CN113259383B publication Critical patent/CN113259383B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • H04L69/162Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to a cross-domain communication system, comprising: the system comprises an internet subsystem, a cloud platform subsystem, a supercomputer subsystem, a reverse proxy server, a message queue server, a database server, an interface server and a unified authentication server, wherein the internet subsystem and the cloud platform subsystem are connected through the reverse proxy server, and the cloud platform subsystem and the supercomputer subsystem are connected through the message queue server, the database server, the interface server and the unified authentication server respectively. The invention realizes cross-domain real-time communication among the Internet, the cloud platform and the supercomputer, and simultaneously ensures the safety of network communication among the Internet, the cloud platform and the supercomputer.

Description

Cross-domain communication system
Technical Field
The invention relates to the technical field of computers, in particular to a cross-domain communication system.
Background
The cloud platform and the supercomputer respectively have corresponding closed network environments, the internet, the cloud platform and the supercomputer are usually isolated from each other, programs and applications running on each system cannot be accessed to each other, and if the programs and the applications are accessed to the system through direct networking, great network safety potential hazards exist.
In the prior art, if access is required between the internet and the cloud platform and the supercomputer, the access can be only achieved after security protection is set through technical means such as Virtual Private Network (VPN) and authority setting, and cross-domain communication cannot be directly achieved. However, such an arrangement greatly impacts the user experience and high concurrency use based on internet access, making it impossible to provide rich application services on cloud platforms and supercomputers to highly concurrent users on the internet. Therefore, how to realize cross-domain real-time communication of the cloud internet, the cloud platform and the supercomputer becomes a technical problem to be solved urgently on the premise of ensuring the network security among the internet, the cloud platform and the supercomputer.
Disclosure of Invention
The invention aims to provide a cross-domain communication system, which realizes cross-domain real-time communication among the Internet, a cloud platform and a supercomputer and simultaneously ensures the safety of network communication among the Internet, the cloud platform and the supercomputer.
The invention provides a cross-domain communication system, comprising: an internet subsystem, a cloud platform subsystem, a supercomputer subsystem, a reverse proxy server, a message queue server, a database server, an interface server and a unified authentication server, wherein,
the internet subsystem and the cloud platform subsystem are connected through the reverse proxy server,
the reverse proxy server is used for packaging and encrypting different application services on the cloud platform subsystem and then mapping the encrypted application services onto the Internet IP, and the Internet subsystem and the application services mapped on the cloud platform subsystem of the Internet IP realize network communication through a short connection HTTP protocol and a long connection Websocket protocol;
the cloud platform subsystem and the super computer subsystem are respectively connected through a message queue server, a database server, an interface server and a uniform authentication server,
the message queue server is provided with a message queue service for executing bidirectional transmission of control instructions of high-frequency and low-traffic between the cloud platform subsystem and the super computer subsystem;
the database server is provided with a plurality of databases which are simultaneously accessed by the cloud platform subsystem and the super computer subsystem and used for performing cross-domain transmission of communication traffic persistent file data between the cloud platform subsystem and the super computer subsystem;
the interface server is used for carrying out resource isolation among multiple users, and an independent execution environment is provided for each user ID by using a container in the super computer subsystem;
the unified authentication server is used for maintaining the user authentication information of the cloud platform subsystem and the mapping relation between the cloud platform subsystem user and the super computer subsystem user, and managing the access authority and the role management of the cloud platform user and the super computer background user.
Compared with the prior art, the invention has obvious advantages and beneficial effects. By the technical scheme, the cross-domain communication system provided by the invention can achieve considerable technical progress and practicability, has wide industrial utilization value and at least has the following advantages:
according to the invention, the reverse proxy server is arranged between the internet subsystem and the cloud platform subsystem, and the message queue server, the database server, the interface server and the unified authentication server are arranged between the cloud platform subsystem and the super computer subsystem, so that cross-domain real-time communication among the internet, the cloud platform and the super computer is realized, and the safety of network communication among the internet, the cloud platform and the super computer is ensured.
The foregoing description is only an overview of the technical solutions of the present invention, and in order to make the technical means of the present invention more clearly understood, the present invention may be implemented in accordance with the content of the description, and in order to make the above and other objects, features, and advantages of the present invention more clearly understood, the following preferred embodiments are described in detail with reference to the accompanying drawings.
Drawings
Fig. 1 is a schematic structural diagram of a cross-domain communication system according to an embodiment of the present invention;
FIG. 2 is a domain diagram of a cross-domain communication system according to another embodiment of the present invention;
FIG. 3 is a domain diagram of a cross-domain communication system according to yet another embodiment of the present invention;
fig. 4 is a schematic diagram of dividing security domains of a security protection subsystem of a cross-domain communication system according to an embodiment of the present invention.
[ notation ] to show
1: and 2, an internet subsystem: cloud platform subsystem
3: supercomputer subsystem 4: reverse proxy server
5: the message queue server 6: database server
7: the interface server 8: unified authentication server
9: the safety protection subsystem 11: internet client
21: the Web server 22: storage server
31: the login server 32: supercomputing cluster
91: the first security domain 92: second security domain
93: third security domain 94: fourth security domain
100: a cross-domain communication system.
Detailed Description
To further illustrate the technical means and effects of the present invention adopted to achieve the predetermined objects, the following detailed description will be given to a specific implementation and effects of a cross-domain communication system according to the present invention with reference to the accompanying drawings and preferred embodiments.
An embodiment of the present invention provides a cross-domain communication system 100, as shown in fig. 1, including: the system comprises an internet subsystem 1, a cloud platform subsystem 2, a supercomputer subsystem 3, a reverse proxy server 4, a message queue server 5, a database server 6, an interface server 7 and a unified authentication server 8.
The internet subsystem 1 and the cloud platform subsystem 2 are connected through the reverse proxy server 4, the reverse proxy server 4 is used for packaging and encrypting different application services on the cloud platform subsystem 2 and then mapping the encrypted application services onto the internet IP, the internet subsystem 1 and the application services on the cloud platform subsystem 2 mapped onto the internet IP realize network communication through a short connection HTTP protocol and a long connection Websocket protocol, and real-time communication between the internet subsystem 1 and the cloud platform subsystem 2 is realized, and the Websocket protocol is a new network protocol based on TCP. As an example, the cloud platform subsystem 2 may adopt a framework of front-end VUE + back-end Django to develop application services, and adopt a module packager (webpack) to package and encrypt different application services on the cloud platform subsystem 2, and the reverse proxy server 4 may specifically adopt a Nginx reverse proxy service, where Nginx is a high-performance HTTP and reverse proxy Web server 21, and also provides IMAP/POP3/SMTP services, and the reverse proxy mounts different services on the cloud platform subsystem 2 to different paths of the same domain name of the internet, and mounts the entire Nginx service to the internet IP.
The cloud platform subsystem 2 and the super computer subsystem 3 are connected with each other through a message queue server 5, a database server 6, an interface server 7 and a unified authentication server 8 respectively, so that real-time communication between the cloud platform subsystem 2 and the super computer subsystem 3 is realized. Specifically, the message queue server 5 is provided with a message queue service for performing bidirectional transmission of control instructions of high-frequency and low-traffic between the cloud platform subsystem 2 and the supercomputer subsystem 3, and the message queue server 5 is further configured to perform message queue storage, forwarding, file transmission and routing management, and may further deploy services such as an information service block (Samba) interface container. The database server 6 is provided with a plurality of databases which are simultaneously accessed by the cloud platform subsystem 2 and the super computer subsystem 3 and used for performing cross-domain transmission of communication traffic persistent file data between the cloud platform subsystem 2 and the super computer subsystem 3, and the database server 6 specifically comprises servers such as MySQL, Redis, CouchDB, MongoDB and the like. The interface server 7 is a uniform resource service interface server 7, and is used for resource isolation among multiple users, an independent execution environment is provided for each user ID by using a container in the supercomputer subsystem 3, and a communication interface of the message queue server 5 can also be positioned in the container. The interface server 7 may specifically comprise a computing interface, a storage interface and a visualization interface. The unified authentication server 8 is a unified authentication server 8 and is used for maintaining the user authentication information of the cloud platform subsystem 2 and the mapping relationship between the user of the cloud platform subsystem 2 and the user of the super computer subsystem 3, managing the access authority and role management of the cloud platform user and the background user of the super computer, increasing the security of the super computer system in the application layer, and understanding that the user of the platform subsystem refers to the user who registers the service in the cloud platform system.
According to the cross-domain communication system, the reverse proxy server 4 is arranged between the internet subsystem 1 and the cloud platform subsystem 2, the message queue server 5, the database server 6, the interface server 7 and the unified authentication server 8 are arranged between the cloud platform subsystem 2 and the super computer subsystem 3, cross-domain real-time communication among the internet, the cloud platform and the super computer can be achieved, and meanwhile safety of network communication among the internet, the cloud platform and the super computer is guaranteed. The cross-domain communication system supports computing, storage and visualization services on a super computer system to directly provide services for multiple users on the Internet, can be applied to application scenes such as material computing simulation and the like, and builds a material genetic engineering high-throughput computing platform.
As shown in fig. 2, the internet subsystem 1 includes an internet client 11, and the internet client 11 is connected to the reverse proxy server 4 for information interaction.
The cloud platform subsystem 2 comprises a Web server 21 and a storage server 22 which are connected, wherein the website (Web) server is respectively connected with the reverse proxy server 4, the message queue server 5, the interface server 7 and the unified authentication server 8 and is used for providing a network service engine, a portal, a service front end and a service Application Programming Interface (API) interface; the storage server 22 is connected to the reverse proxy server 4 and the database server 6, respectively, and is configured to perform data structured storage, data management, data verification, file storage, and data conversion.
The super computer subsystem 3 comprises a login server 31 and a super computing cluster 32 which are connected, wherein the login server 31 is respectively connected with the message queue server 5, the database server 6, the interface server 7 and the unified authentication server 8 and is used for performing data visualization processing, login of the super computer subsystem 3, batch data processing and task scheduling; the supercomputing clusters 32 include supercomputing clusters for high-throughput computing, job and security monitoring, and Lustre storage clusters for file storage, which is a parallel distributed file system. In addition, the internet client 11, the Web server 21, the storage server 22, the login server 31 and the super computing cluster 32 can be interconnected and intercommunicated through different network bandwidths, including ethernet, infiniband, height network, and the like.
As shown in fig. 3, the cross-domain communication system further includes a security protection subsystem 9, configured to set security protection levels of the internet subsystem 1, the cloud platform subsystem 2, and the supercomputer subsystem 3 from a low security level to a high security level, and control security protection between the internet subsystem 1 and the cloud platform subsystem 2 through reverse proxy, extranet mapping, and periodic security vulnerability scanning, and control security protection between the cloud platform subsystem 2 and the supercomputer subsystem 3 through physical isolation, rights management, and information encryption, so as to ensure independent operation and data security of the supercomputing subsystem.
As shown in fig. 4, the security protection subsystem 9 is further configured to divide the cross-domain communication system into a first security domain 91, a second security domain 92, a third security domain 93 and a fourth security domain 94 with gradually-increased confidence level. The first security domain 91 is an untrusted domain, the second security domain 92 is a medium trusted domain, and the third security domain 93 and the fourth security domain 94 are trusted domains; the third security domain 93 and the fourth security domain 94 are trusted domains; the third security domain 93 is used as a core to control the second security domain 92, and controls a user domain to access the fourth security domain 94 through a message queue security and database security mechanism, so that the data security of the super computer subsystem 3 is ensured; the second security domain 92 serves as an isolation layer to control the first security domain 91, so that the network communication security of the whole cross-domain communication system can be ensured finally.
Wherein the internet client 11 is located in the first security domain 91, the reverse proxy server 4 is located in the second security domain 92, the Web server 21 and the storage server 22 are located in the third security domain 93, and the message queue server 5, the database server 6, the interface server 7, the unified authentication server 8, the login server 31 and the super computing cluster 32 are located in the fourth security domain 94.
As an example, different security policies are set according to different credibility of security domains, different security technical means are adopted for security protection, the first security domain 91 is a public domain, i.e., access under the unauthenticated condition, public access is allowed, the credibility is the lowest, the first security domain is an untrusted domain, all behaviors in the security domain are set to be untrustworthy, the first security domain is used for storing information capable of being disclosed, and interface security control is performed through user authentication, authorization management and access control. The second security domain 92 is a user domain, and because of the existence of factors such as uncontrollable user behaviors, leaked user passwords, forged user identities, hacking attacks and the like, the reliability is medium, the second security domain is set to be accessed after authentication and is used for performing security access through multiple identity authentication, dynamic password authentication, resource isolation, network isolation, firewall, Ddos resistance, intrusion defense, SQL injection resistance and XSS cross-domain attack resistance.
The third security domain 93 is a management domain, the fourth security domain 94 is a data domain, and since the management and data domain is inside the security protection system, based on strict monitoring and management, the trust level is the highest and is defined as a trust domain. The functions of file transmission, data interaction, interface calling and the like among different underlying computing systems, public storage and the like can be realized in the trusted domain. The third security domain 93 is used for performing security protection based on service security management of the cloud platform subsystem 2, where the service security management of the cloud platform subsystem 2 includes security protection of a database, a message queue, each component, and authority control and tamper-proof setting of a service configuration file; the fourth security domain 94 is used for performing security management of user data and applications, including transparent encryption storage of volume-based data, clearing of memory data, and erasing of logical volume data.
The cross-domain communication system provided by the embodiment of the invention is based on a super computing platform and a cloud service platform, integrates computer technologies such as high-throughput computing, big data management, remote visualization, machine learning and the like, establishes an autonomous controllable cross-platform efficient resource scheduling system, a graphical editable high-throughput computing workflow, an interactive operation management system, a unified integrated data interface and other software and hardware systems, and can realize high-throughput material computing simulation and material computing data management of high concurrency, cross-scale and automatic processes by taking application scenes such as material computing simulation as an example.
Although the present invention has been described with reference to a preferred embodiment, it should be understood that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (8)

1. A cross-domain communication system, comprising: an internet subsystem, a cloud platform subsystem, a supercomputer subsystem, a reverse proxy server, a message queue server, a database server, an interface server and a unified authentication server, wherein,
the internet subsystem and the cloud platform subsystem are connected through the reverse proxy server,
the reverse proxy server is used for packaging and encrypting different application services on the cloud platform subsystem and then mapping the encrypted application services onto the Internet IP, and the Internet subsystem and the application services mapped on the cloud platform subsystem of the Internet IP realize network communication through a short connection HTTP protocol and a long connection Websocket protocol;
the cloud platform subsystem and the super computer subsystem are respectively connected through a message queue server, a database server, an interface server and a uniform authentication server,
the message queue server is provided with a message queue service for executing bidirectional transmission of control instructions of high-frequency and low-traffic between the cloud platform subsystem and the super computer subsystem;
the database server is provided with a plurality of databases which are simultaneously accessed by the cloud platform subsystem and the super computer subsystem and used for performing cross-domain transmission of communication traffic persistent file data between the cloud platform subsystem and the super computer subsystem;
the interface server is used for carrying out resource isolation among multiple users, and an independent execution environment is provided for each user ID by using a container in the super computer subsystem;
the unified authentication server is used for maintaining user authentication information of the cloud platform subsystem and a mapping relation between a cloud platform subsystem user and a super computer subsystem user, and managing access authority and role management of the cloud platform user and a super computer background user;
the cross-domain communication system further comprises a security protection subsystem, wherein the security protection subsystem is used for setting security protection levels of the internet subsystem, the cloud platform subsystem and the super computer subsystem from a low security level to a high security level, controlling security protection between the internet subsystem and the cloud platform subsystem through reverse proxy, extranet mapping and periodic security vulnerability scanning, controlling security protection between the cloud platform subsystem and the super computer subsystem through physical isolation, authority management and information encryption, and dividing the cross-domain communication system into a first security domain, a second security domain, a third security domain and a fourth security domain;
the first security domain is set to be unreliable in all behaviors in the security domain, is used for storing information capable of being disclosed and carries out interface security control through user authentication, authorization management and access control;
the second security domain is set to be accessed after passing authentication and used for performing security access through multiple identity authentication, dynamic password verification, resource isolation, network isolation, a firewall, Ddos resistance, intrusion prevention, SQL injection resistance and XSS cross-domain attack resistance;
the third security domain is used for performing security protection based on service security management of the cloud platform subsystem, and the service security management of the cloud platform subsystem comprises security protection of a database, a message queue, each component, authority control of a service configuration file and tamper-proof setting;
and the fourth security domain is used for performing security management on user data and application, and comprises volume-based data transparent encryption storage, memory data emptying and logical volume data erasing.
2. The cross-domain communication system of claim 1,
the internet subsystem comprises an internet client, and the internet client is connected with the reverse proxy server and used for information interaction.
3. The cross-domain communication system of claim 2,
the cloud platform subsystem comprises a Web server and a storage server which are connected, wherein,
the Web server is respectively connected with the reverse proxy server, the message queue server, the interface server and the unified authentication server and is used for providing a network service engine, a portal, a service front end and a service API interface;
the storage server is respectively connected with the reverse proxy server and the database server and is used for carrying out data structured storage, data management, data verification, file storage and data conversion.
4. The cross-domain communication system of claim 3,
the super computer subsystem comprises a login server and a super computing cluster which are connected, wherein,
the login server is respectively connected with the message queue server, the database server, the interface server and the unified authentication server and is used for performing data visualization processing, super computer subsystem login, batch data processing and task scheduling;
the super computing cluster comprises a super computing cluster and a Lustre storage cluster, wherein the computing cluster is used for high-throughput computing, operation and safety monitoring, and the storage cluster is used for file storage.
5. The cross-domain communication system of claim 4,
the first security domain is an untrusted domain, the second security domain is a medium trusted domain, and the third security domain and the fourth security domain are trusted domains; the third security domain is used as a core to control a second security domain, and a user domain is controlled to access the fourth security domain through a message queue security and database security mechanism; the second security domain acts as an isolation layer, controlling the first security domain.
6. The cross-domain communication system of claim 5,
the internet client is located in the first security domain, the reverse proxy server is located in the second security domain, the Web server and the storage server are located in the third security domain, and the message queue server, the database server, the interface server, the unified authentication server, the login server and the super computing cluster are located in the fourth security domain.
7. The cross-domain communication system of claim 1,
the interface server comprises a computing interface, a storage interface and a visualization interface.
8. The cross-domain communication system of claim 1,
the message queue server is also used for storing and forwarding message queues, transmitting files and managing routes.
CN202110674705.1A 2021-06-18 2021-06-18 Cross-domain communication system Active CN113259383B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110674705.1A CN113259383B (en) 2021-06-18 2021-06-18 Cross-domain communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110674705.1A CN113259383B (en) 2021-06-18 2021-06-18 Cross-domain communication system

Publications (2)

Publication Number Publication Date
CN113259383A CN113259383A (en) 2021-08-13
CN113259383B true CN113259383B (en) 2021-09-28

Family

ID=77188518

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110674705.1A Active CN113259383B (en) 2021-06-18 2021-06-18 Cross-domain communication system

Country Status (1)

Country Link
CN (1) CN113259383B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737331A (en) * 2017-04-17 2018-11-02 北大方正集团有限公司 Cross-domain communication method and cross-domain communication system
CN111147451A (en) * 2019-12-09 2020-05-12 云深互联(北京)科技有限公司 Service system security access method, device and system based on cloud platform
CN112882851A (en) * 2021-03-24 2021-06-01 国家超级计算天津中心 Cloud interaction system based on supercomputer

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104247333B (en) * 2011-12-27 2017-08-11 思科技术公司 System and method for the management of network service
CN103475749A (en) * 2013-09-11 2013-12-25 北京思特奇信息技术股份有限公司 Cross-domain communication method and device
GB2523794A (en) * 2014-03-05 2015-09-09 Pierbridge Ltd Data processing systems and methods
CN106936853B (en) * 2017-04-26 2020-12-29 河海大学 Cross-domain single sign-on method based on system integration-oriented cross-domain single sign-on system
US11283837B2 (en) * 2019-07-03 2022-03-22 Microsoft Technology Licensing, Llc. Domain-application attribution
CN112953897B (en) * 2021-01-26 2023-04-18 北京交通大学 Train control system edge security node implementation method based on cloud computing equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737331A (en) * 2017-04-17 2018-11-02 北大方正集团有限公司 Cross-domain communication method and cross-domain communication system
CN111147451A (en) * 2019-12-09 2020-05-12 云深互联(北京)科技有限公司 Service system security access method, device and system based on cloud platform
CN112882851A (en) * 2021-03-24 2021-06-01 国家超级计算天津中心 Cloud interaction system based on supercomputer

Also Published As

Publication number Publication date
CN113259383A (en) 2021-08-13

Similar Documents

Publication Publication Date Title
Tabrizchi et al. A survey on security challenges in cloud computing: issues, threats, and solutions
US9565204B2 (en) Cyber-security system and methods thereof
US9832227B2 (en) System and method for network level protection against malicious software
Modi et al. A survey of intrusion detection techniques in cloud
US8825889B2 (en) Network traffic rate limiting system and method
WO2019241404A1 (en) Secure on-premise to cloud communication
US20220337555A1 (en) Firewall offloading
Ahmed et al. A review of challenges and security risks of cloud computing
CN110012016B (en) Method and system for controlling resource access in hybrid cloud environment
Nguyen et al. A cloud-oriented cross-domain security architecture
US11909771B2 (en) Role-based policy DNS response for network security user notifications
Patni et al. Man-in-the-middle attack in HTTP/2
Alshareef Current development, challenges, and future trends in cloud computing: A survey
Parashar et al. A survey of attacks and their mitigations in software defined networks
Zareapoor et al. Establishing safe cloud: Ensuring data security and performance evaluation
CN113259383B (en) Cross-domain communication system
Panah et al. Challenges of security issues in cloud computing layers
Jain et al. Security analysis of SDN WAN applications—B4 and IWAN
Mannhart Mitigation as a Service in a Cooperative Network Defense
Javaid Top threats to cloud computing security
Raza et al. A review on security issues and their impact on hybrid cloud computing environment
Yassine et al. A lightweight IoT security solution
Chakraborti et al. Software-defined network vulnerabilities
Alsaleem et al. Cloud computing-based attacks and countermeasures: A survey
Bandela et al. Survey on cloud computing technologies and security threats

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant