CN113765893B - Protocol proxy password penetration authentication method applied to MySQL system - Google Patents

Protocol proxy password penetration authentication method applied to MySQL system Download PDF

Info

Publication number
CN113765893B
CN113765893B CN202110930414.4A CN202110930414A CN113765893B CN 113765893 B CN113765893 B CN 113765893B CN 202110930414 A CN202110930414 A CN 202110930414A CN 113765893 B CN113765893 B CN 113765893B
Authority
CN
China
Prior art keywords
authentication
mysql
proxy
password
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110930414.4A
Other languages
Chinese (zh)
Other versions
CN113765893A (en
Inventor
王继洪
范渊
吴永越
郑学新
刘韬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu DBAPPSecurity Co Ltd
Original Assignee
Chengdu DBAPPSecurity Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu DBAPPSecurity Co Ltd filed Critical Chengdu DBAPPSecurity Co Ltd
Priority to CN202110930414.4A priority Critical patent/CN113765893B/en
Publication of CN113765893A publication Critical patent/CN113765893A/en
Application granted granted Critical
Publication of CN113765893B publication Critical patent/CN113765893B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the technical field of transparent transmission, and provides a protocol proxy password transparent authentication method applied to a MySQL system. In the protocol proxy password penetration authentication method, only the MySQL client side knows the login password input by the user, the proxy side and the MySQL server do not know the login password, and the proxy side and the MySQL server can realize penetration authentication without knowing the login password, namely realize the operation and maintenance connection establishment function of a non-password hosting mode.

Description

Protocol proxy password penetration authentication method applied to MySQL system
Technical Field
The invention belongs to the technical field of transparent transmission, and particularly relates to a protocol proxy password transparent authentication method applied to a MySQL system.
Background
The protocol agent model applied in the current operation and maintenance auditing system basically provides a protocol agent mode in a server password escrow mode. As the operation and maintenance scenarios become more complex, more scenarios exist in which passwords are not hosted to the operation and maintenance audit system platform.
MySQL systems are the most popular relational database management systems. The MySQL server may send an authswitch type message requesting the connected client to switch to another authentication mode. In MySQL systems, one of the characteristics of the MySQL protocol is that the MySQL server first initiates an application layer message that contains an encryption seed for cryptographic computation. When the proxy terminal is arranged in the MySQL system, the MySQL client terminal can mistakenly recognize the proxy terminal as the MySQL server when the proxy terminal is connected, and the wrong encryption seed is received, so that an encryption message generated after the user input password on the MySQL client terminal is encrypted can not be accepted by the MySQL server, and the client terminal access failure of the user can be directly caused.
The prior art comprises the following steps: the Chinese patent with publication number CN105100107B discloses a method for proxy client account authentication: the password intermediate data can be calculated by acquiring analysis data when the client account and the first database server are authenticated and acquiring a prestored encryption password of the client account from the first database server. The first authentication message is generated by utilizing the password intermediate data, and authentication of the client account and the second database server can be proxied without manually configuring the client account and the plaintext password, thereby providing convenience for users. Because the encrypted password corresponding to the client account can be obtained in real time by utilizing the pre-configured database manager account, even if the password corresponding to the client account is modified, the modified password intermediate data can be obtained, and further the client account information can be automatically updated.
The free switch technology used in the prior art essentially uses a preset administrator account to access a server storing a password to obtain a ciphertext, then takes the authentication calculation process of response in a client, and finally sends the generated current password authentication ciphertext to a database server for authentication request.
Disclosure of Invention
The invention provides a transparent transmission technology different from the prior art, and provides a protocol proxy password transparent authentication method applied to a MySQL system.
In the invention, the proxy end arranged between the MySQL client and the MySQL server uses an authswitch method to actively reset the authentication encryption seed negotiated when the MySQL client is connected with the proxy end, so that the authentication encryption seed provided for the real MySQL server is updated, and the penetration authentication flow from the MySQL client to the MySQL server is completed. In the process, only the MySQL client side knows the login password input by the user, the proxy side and the MySQL server do not know the login password, and the proxy side and the MySQL server can realize transparent authentication without knowing the login password, namely realize the operation and maintenance connection establishment function of a non-password hosting mode.
The invention provides a protocol proxy password penetration authentication method applied to a MySQL system, which comprises the following steps:
step S1: the MySQL client acquires a login name N, a login password P and an access address IP input by a user, and then initiates TCP connection to the proxy;
step S2: the proxy end generates an authentication type A and an authentication encryption seed A1 of the MySQL server, and sends an initial message T1 containing the authentication type A and the authentication encryption seed A1 of the MySQL server to the MySQL client after the TCP connection is established;
step S3: the MySQL client analyzes the received initial message T1 and acquires an authentication type A and an authentication encryption seed A1; then, according to the authentication type A, the authentication encryption seed A1 and the login password P input by the user, authentication data M1 is obtained through calculation;
step S4: the MySQL client sends a request message S1 containing a client name, a client version, a login name N, authentication data M1 and an access address IP to the proxy;
step S5: the proxy receives the request message S1 and then analyzes the request message to obtain an access address IP; then initiating TCP connection to MySQL server by proxy end;
step S6: the MySQL server generates an authentication type B and an authentication encryption seed B1 of the MySQL server, and sends a server message S2 containing the authentication type B and the authentication encryption seed B1 of the MySQL server to the proxy after the TCP connection is established;
step S7: the proxy end analyzes the received server message S2 to obtain an authentication type B and an authentication encryption seed B1; then, according to the authentication type B and the authentication encryption seed B1, starting to assemble an authswitch message T3, and replying the authswitch message T3 to the MySQL client;
step S8: after receiving an authswitch message T3 from the proxy end, the MySQL client analyzes the authswitch message to obtain an authentication type B and an authentication encryption seed B1; the MySQL client switches the authentication type A of the MySQL server into the authentication type B, and recalculates the password according to the login password P and the authentication encryption seed B1 to obtain the password P1; then, according to the authentication encryption seed B1 and the password P1, authentication data M2 is obtained through calculation;
step S9: the MySQL client sends authentication data M2 to the proxy;
step S10: the proxy sends authentication data M2 to the MySQL server.
In the protocol proxy password penetration authentication method, no matter the authentication result of the MySQL server is successful or failed, the proxy terminal immediately enters a full forwarding state; that is, all protocol messages in the future of the MySQL server are transmitted to the MySQL client, and all protocol messages in the future of the MySQL client are transmitted to the MySQL server.
Further, in the step S5, after the proxy end parses the request message S1, the authentication data M1 is discarded.
Further, the authentication encryption seed A1 is a random character string.
Further, the authentication encryption seed B1 is a random string.
Further, in step S9, the MySQL client encapsulates the authentication data M2 into the protocol data R1 and sends the protocol data R1 to the proxy.
Further, in step S10, the proxy end first parses the received protocol data R1, encapsulates the received protocol data R2, and sends the protocol data R2 to the MySQL server.
The invention also provides an electronic device, which comprises a memory and a processor; the memory is used for storing a computer program; the processor is configured to execute the computer program to implement the protocol proxy password penetration authentication method.
The invention also provides a computer readable storage medium for storing a computer program which when executed by a processor implements the protocol agent password penetration authentication method described above.
Compared with the prior art, the invention has the following advantages:
(1) The proxy end uses an authswitch method to actively reset the authentication encryption seeds negotiated when the MySQL client is connected with the proxy end, so that the authentication encryption seeds provided for the real MySQL server are updated, and the penetration authentication flow from the MySQL client to the MySQL server is completed;
(2) The invention has no process of acquiring the password intermediate data by using the preset administrator account number, and meanwhile, has no step of participating in calculation of the password intermediate data in the proxy, namely, the proxy end in the invention is completely unaware of the password data of the user, and can complete the penetration authentication proxy of the MySQL client and the MySQL server by using an authswitch means without knowing the password of the user.
Drawings
Fig. 1 is a system topology diagram corresponding to a protocol agent password penetration authentication method according to the present invention.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it should be understood that the described embodiments are only some embodiments of the present invention, but not all embodiments, and therefore should not be considered as limiting the scope of protection. All other embodiments, which are obtained by a worker of ordinary skill in the art without creative efforts, are within the protection scope of the present invention based on the embodiments of the present invention.
Example 1:
since the authentication flow in each connection in the application layer connection protocol of the Mysql server needs to be encrypted in cooperation with the negotiated seed in the connection, the encryption seed of each connection established is different.
If there is a proxy in the link of the connection, then the connection will appear two TCP connections, i.e. two authenticated links, resulting in the appearance of a connection TCP a from the Mysql client to the proxy and a connection TCP B from the proxy to the Mysql server, with the authenticated encryption seeds in TCP a and TCP B being different. The proxy end does not know the authentication password, and the proxy end cannot directly transfer the encrypted authentication data in the connection TCP A to the channel of the connection TCP B to finish authentication, and the proxy end cannot directly combine the encryption seed of the connection TCP B with the authentication password to finish authentication of the connection TCP B.
Therefore, it is a technical difficulty how to let the Mysql client calculate authentication encryption data that can be recognized by the Mysql server for two connections, connection TCP a and connection TCP B.
The embodiment provides a protocol proxy password penetration authentication method applied to a MySQL system, which uses the authswitch characteristic of a Mysql protocol to enable an agent to hold two authentication encryption seeds of two connections of a connection TCP A and a connection TCP B at the same time, so that the agent can exchange the authentication encryption seeds in the connection TCP B into the connection of the connection TCP A in an authswitch mode, the second password calculation can be completed at a MySQL client, then the second password result is sent to an agent section through the connection TCP A, and the agent can directly send the authentication request of one penetration to a MySQL server through the connection TCP B, thereby completing the penetration authentication proxy in two TCP connections at a time.
The specific operation is as follows: the user opens Mysql client, fills in login name N, login password P and access address IP in the newly built connection frame, and clicks on the connection button to start executing the protocol agent password penetration authentication method after filling in. Here, the access address IP is the connection address of the target MySQL server.
The protocol agent password penetration authentication method comprises the following steps S1-S10, and a corresponding system topological diagram is shown in FIG. 1.
Step S1: the MySQL client acquires a login name N, a login password P and an access address IP input by a user, and then initiates TCP connection to the proxy.
Since MySQL protocol is started by the server (the server speaks first), in step S1, the MySQL client will not send any data to the proxy. After the three-way handshake of the TCP is completed, the MySQL client starts to wait for the first initial packet of the MySQL server. The initial packet includes an authentication type B and an authentication encryption seed B1.
Step S2: the proxy end generates an authentication type A and an authentication encryption seed A1 of the MySQL server, and sends an initial message T1 containing the authentication type A and the authentication encryption seed A1 of the MySQL server to the MySQL client after the TCP connection is established.
Step S3: the MySQL client analyzes the received initial message T1 and acquires an authentication type A and an authentication encryption seed A1; and then, according to the authentication type A, the authentication encryption seed A1 and the login password P input by the user, authentication data M1 is obtained through calculation.
In the step S3, the authentication data M1 is calculated by MySQL driver provided by MySQL manufacturer, and the embodiment only needs to acquire the authentication data by adopting the prior art. Moreover, by the design of the step, the login password P input by the user always only appears on the computer operated by the user login, and the proxy end is not known.
Step S4: the MySQL client sends a request message S1 containing a client name, a client version, a login name N, authentication data M1, and an access address IP to the proxy.
Step S5: the proxy receives the request message S1 and then analyzes the request message to obtain an access address IP; and then the proxy end initiates a TCP connection to the MySQL server.
After the proxy end analyzes the request message S1 in the step S5, the authentication data M1 is discarded. Although the authentication data M1 is obtained by parsing the request message S1 in step S5, the MySQL client uses the authentication data M1 calculated by the authentication type a and the authentication encryption seed A1 generated by the proxy, and has no effect on connecting the proxy to the MySQL server, so that the M1 is discarded.
Step S6: the MySQL server generates an authentication type B and an authentication encryption seed B1 of the MySQL server, and sends a server message S2 containing the authentication type B and the authentication encryption seed B1 of the MySQL server to the proxy after the TCP connection is established.
Step S7: the proxy end analyzes the received server message S2 to obtain an authentication type B and an authentication encryption seed B1; and then, according to the authentication type B and the authentication encryption seed B1, starting to assemble an authswitch message T3, and replying the authswitch message T3 to the MySQL client.
In the step S7, the authentication type B and the authentication encryption seed B1 obtained by parsing become data that the proxy end requires the MySQL client to switch the authentication method. Therefore, the proxy constructs an authswitch message T3 using authentication type B and authentication encryption seed B1 according to the specifications of MySQL protocol, and then replies to the MySQL client.
Step S8: after receiving an authswitch message T3 from the proxy end, the MySQL client analyzes the authswitch message to obtain an authentication type B and an authentication encryption seed B1; the MySQL client switches the authentication type A of the MySQL server into the authentication type B, and recalculates the password according to the login password P and the authentication encryption seed B1 to obtain the password P1; and then, according to the authentication encryption seed B1 and the password P1, authentication data M2 is obtained through calculation.
Step S9: the MySQL client sends the authentication data M2 to the proxy.
Step S10: the proxy sends authentication data M2 to the MySQL server.
In the step S9, the MySQL client encapsulates the authentication data M2 into the protocol data R1 and sends the protocol data R1 to the proxy. In the step S10, the proxy end firstly analyzes the received protocol data R1, encapsulates the received protocol data R2, and sends the protocol data R2 to the MySQL server. After that, the MySQL server replies an OK type message, i.e. authentication success, to the authentication data M2, and the MySQL server replies an ERROR type message, i.e. authentication unsuccessful, to the authentication data M2. However, for the proxy, the processing flows of successful authentication and unsuccessful authentication are consistent, and after the authentication data M2 is sent to the MySQL server through the proxy, the proxy immediately enters a full forwarding state. That is, the MySQL client can receive the OK packet after the authentication of the MySQL server is successful, and the MySQL client can also receive the ERROR packet after the authentication of the MySQL server is failed.
In the method described in this embodiment, the authentication encryption seed A1 and the authentication encryption seed B1 are both generated from the server role, but because the proxy-side protocol proxy appears in the middle of the TCP link, the MySQL client may misconsider the proxy-side as the MySQL server, and in order to maintain the normal protocol processing flow, the proxy-side needs to play the role of the MySQL server. Therefore, in the present embodiment, two data of the authentication type a and the authentication encryption seed A1 are generated by the proxy side.
The authentication type A and the authentication type B are authentication type data supported by a Mysql system; the authentication types supported by MySQL system include three ways: native, cachesha2, old, corresponding authentication type data is Native plug-able, cache SHA-2, cleartext.
Authentication type B is related to the version of MySQL server. Each version will have a default configuration, although it may be modified. The authentication encryption seed B1 is a random character generated according to various random factors such as time, and similarly, the authentication encryption seed A1 at the proxy end is also generated randomly.
Example 2:
the embodiment provides an electronic device, which comprises a memory and a processor; the memory is used for storing a computer program; the processor is configured to execute the computer program to implement the protocol proxy password penetration authentication method described in embodiment 1.
Example 3:
the present embodiment proposes a computer readable storage medium for storing a computer program which, when executed by a processor, implements the protocol proxy password pass-through authentication method described in embodiment 1.
The foregoing description is only a preferred embodiment of the present invention, and is not intended to limit the present invention in any way, and any simple modification, equivalent variation, etc. of the above embodiment according to the technical matter of the present invention fall within the scope of the present invention.

Claims (8)

1. The protocol proxy password penetration authentication method applied to the MySQL system is characterized by comprising the following steps of:
step S1: the MySQL client acquires a login name N, a login password P and an access address IP input by a user, and then initiates TCP connection to the proxy;
step S2: the proxy end generates an authentication type A and an authentication encryption seed A1 of the MySQL server, and sends an initial message T1 containing the authentication type A and the authentication encryption seed A1 of the MySQL server to the MySQL client after the TCP connection is established;
step S3: the MySQL client analyzes the received initial message T1 and acquires an authentication type A and an authentication encryption seed A1; then, according to the authentication type A, the authentication encryption seed A1 and the login password P input by the user, authentication data M1 is obtained through calculation;
step S4: the MySQL client sends a request message S1 containing a client name, a client version, a login name N, authentication data M1 and an access address IP to the proxy;
step S5: the proxy receives the request message S1 and then analyzes the request message to obtain an access address IP; then initiating TCP connection to MySQL server by proxy end;
step S6: the MySQL server generates an authentication type B and an authentication encryption seed B1 of the MySQL server, and sends a server message S2 containing the authentication type B and the authentication encryption seed B1 of the MySQL server to the proxy after the TCP connection is established;
step S7: the proxy end analyzes the received server message S2 to obtain an authentication type B and an authentication encryption seed B1; then, according to the authentication type B and the authentication encryption seed B1, starting to assemble an authswitch message T3, and replying the authswitch message T3 to the MySQL client;
step S8: after receiving an authswitch message T3 from the proxy end, the MySQL client analyzes the authswitch message to obtain an authentication type B and an authentication encryption seed B1; the MySQL client switches the authentication type A of the MySQL server into the authentication type B, and recalculates the password according to the login password P and the authentication encryption seed B1 to obtain the password P1; then, according to the authentication encryption seed B1 and the password P1, authentication data M2 is obtained through calculation;
step S9: the MySQL client sends authentication data M2 to the proxy;
step S10: the proxy sends authentication data M2 to the MySQL server.
2. The protocol proxy password penetration authentication method for Mysql system of claim 1, wherein the proxy end discards the authentication data M1 after parsing the request message S1 in step S5.
3. The protocol proxy password penetration authentication method applied to Mysql system as claimed in claim 1, wherein the authentication encryption seed A1 is a random string.
4. The protocol proxy password penetration authentication method applied to Mysql system as claimed in claim 1, wherein the authentication encryption seed B1 is a random string.
5. The protocol proxy password penetration authentication method for Mysql system of claim 1, wherein in step S9, the Mysql client encapsulates the authentication data M2 into the protocol data R1 and sends the protocol data R1 to the proxy.
6. The method of claim 5, wherein the proxy end in step S10 parses the received protocol data R1, encapsulates the received protocol data R2, and sends the parsed protocol data R2 to the Mysql server.
7. An electronic device includes a memory and a processor; the method is characterized in that:
the memory is used for storing a computer program;
the processor for executing the computer program to implement the protocol proxy password pass-through authentication method of any one of claims 1 to 6.
8. A computer readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the protocol proxy password pass-through authentication method according to any one of claims 1 to 6.
CN202110930414.4A 2021-08-13 2021-08-13 Protocol proxy password penetration authentication method applied to MySQL system Active CN113765893B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110930414.4A CN113765893B (en) 2021-08-13 2021-08-13 Protocol proxy password penetration authentication method applied to MySQL system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110930414.4A CN113765893B (en) 2021-08-13 2021-08-13 Protocol proxy password penetration authentication method applied to MySQL system

Publications (2)

Publication Number Publication Date
CN113765893A CN113765893A (en) 2021-12-07
CN113765893B true CN113765893B (en) 2023-07-07

Family

ID=78789296

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110930414.4A Active CN113765893B (en) 2021-08-13 2021-08-13 Protocol proxy password penetration authentication method applied to MySQL system

Country Status (1)

Country Link
CN (1) CN113765893B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101436936A (en) * 2008-12-15 2009-05-20 中兴通讯股份有限公司 Access authentication method and system based on DHCP protocol

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6996841B2 (en) * 2001-04-19 2006-02-07 Microsoft Corporation Negotiating secure connections through a proxy server
CN101521675B (en) * 2009-03-23 2012-11-07 成都市华为赛门铁克科技有限公司 User certification method and device
US8400923B2 (en) * 2010-10-15 2013-03-19 Telefonaktiebolaget L M Ericsson (Publ) Multipath transmission control protocol proxy
CN107566473A (en) * 2017-08-28 2018-01-09 南京南瑞继保电气有限公司 A kind of electric power secondary system equipment check method
CN108833487B (en) * 2018-05-23 2021-05-04 南京大学 TCP transmission protocol proxy method
CN111695152B (en) * 2020-05-26 2023-05-12 东南大学 MySQL database protection method based on security agent

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101436936A (en) * 2008-12-15 2009-05-20 中兴通讯股份有限公司 Access authentication method and system based on DHCP protocol

Also Published As

Publication number Publication date
CN113765893A (en) 2021-12-07

Similar Documents

Publication Publication Date Title
US9866556B2 (en) Common internet file system proxy authentication of multiple servers
US11140162B2 (en) Response method and system in virtual network computing authentication, and proxy server
US9038162B2 (en) Creating secure interactive connections with remote resources
US8527774B2 (en) System and methods for providing stateless security management for web applications using non-HTTP communications protocols
CN103460674B (en) For supplying/realize the method for sending out notice session and pushing provision entity
CN104135494B (en) A kind of same account untrusted terminal logs in method and system based on trusted terminal
WO2017041621A1 (en) Method and device for performing registration based on authentication device
CN105306433B (en) A kind of method and apparatus accessing virtual machine server
WO2016134657A1 (en) Operating method for push authentication system and device
CN103503408A (en) System and method for providing access credentials
CN106330816A (en) Method and system for logging in cloud desktop
JP2010503320A (en) Method and system for providing authentication services to Internet users
CN104601590A (en) Login method, server and mobile terminal
JP2007509521A (en) Protocol encapsulation for session persistence and reliability
US20110060902A1 (en) Vpn connection system and vpn connection method
CN110138779B (en) Hadoop platform safety management and control method based on multi-protocol reverse proxy
CN105722072A (en) Business authorization method, device, system and router
WO2008071109A1 (en) A method and system for realizing the third-party mail account management
CN102202071A (en) Microsoft service network (MSN)-based network video monitoring method and system
CN112583599B (en) Communication method and device
CN113765893B (en) Protocol proxy password penetration authentication method applied to MySQL system
JP5211579B2 (en) Authentication system and authentication method using SIP
US8646066B2 (en) Security protocol control apparatus and security protocol control method
US11038994B2 (en) Technique for transport protocol selection and setup of a connection between a client and a server
CN104301285B (en) Login method for web system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant