CN114221759B - Remote monitoring deployment method and device, electronic equipment and storage medium - Google Patents

Info

Publication number: CN114221759B
Authority: CN (China)
Prior art keywords: remote monitoring, monitoring end, middleware, password, session key
Legal status: Active
Application number: CN202111431940.2A
Other languages: Chinese (zh)
Other versions: CN114221759A
Inventor: 王丽
Current assignee: Chengdu Westone Information Industry Inc
Original assignee: Chengdu Westone Information Industry Inc
Events: application filed by Chengdu Westone Information Industry Inc; priority to CN202111431940.2A; publication of CN114221759A; application granted; publication of CN114221759B; legal status Active

Classifications

Sections: H ELECTRICITY / H04 ELECTRIC COMMUNICATION TECHNIQUE / H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION; G PHYSICS / G06 COMPUTING; CALCULATING OR COUNTING / G06F ELECTRIC DIGITAL DATA PROCESSING

    • H04L63/0442 (under H04L63/00 > H04L63/04 > H04L63/0428): Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload, wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • G06F21/46 (under G06F21/00 > G06F21/30 > G06F21/45): Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • G06F21/602 (under G06F21/00 > G06F21/60): Providing cryptographic facilities or services
    • G06F21/64 (under G06F21/00 > G06F21/60): Protecting data integrity, e.g. using checksums, certificates or signatures
    • H04L12/4641 (under H04L12/00 > H04L12/28 > H04L12/46): Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L41/0823 (under H04L41/00 > H04L41/08 > H04L41/0803): Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
    • H04L63/10 (under H04L63/00): Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L9/0827 (under H04L9/00 > H04L9/08 > H04L9/0816 > H04L9/0819): Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s), involving distinctive intermediate devices or communication paths
    • H04L9/0869 (under H04L9/00 > H04L9/08 > H04L9/0861): Generation of secret information including derivation or calculation of cryptographic keys or passwords, involving random numbers or seeds
    • H04L9/3226 (under H04L9/00 > H04L9/32): Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3247 (under H04L9/00 > H04L9/32): Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures
    • H04L9/3263 (under H04L9/00 > H04L9/32): Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L2209/72 (under H04L2209/00, additional information relating to H04L9/00): Signcrypting, i.e. digital signing and encrypting simultaneously

Abstract

The present disclosure relates to a remote monitoring deployment method applied to a crypto-managed VPN device. The method includes: reading, from a cryptographic middleware, network configuration information pre-written by a remote monitoring end; establishing a communication channel with the remote monitoring end based on that network configuration information; determining a session key from random numbers using the signature-and-encryption mechanism of the cryptographic middleware; encrypting the registration information with the session key and sending it to the remote monitoring end; and, after the remote monitoring end has decrypted and verified the registration information, receiving the certificate issued by the remote monitoring end, which completes the remote monitoring deployment of the crypto-managed VPN device. The method and device use the cryptographic middleware to issue the certificate online, so no manual entry of information, network configuration or mutual import of certificates is needed; this reduces labor cost, improves deployment efficiency, avoids the leakage of sensitive information that manual handling risks, and ensures end-to-end communication security.

Description

Remote monitoring deployment method and device, electronic equipment and storage medium
Technical Field
The disclosure relates to the technical field of secure data transmission, and in particular to a remote monitoring deployment method and device, an electronic device and a storage medium.
Background
According to the cryptographic device management standards GM/T 0050-2016 (device management technical specification) and GM/T 0053-2016 (remote monitoring and compliance verification interface data specification), before a crypto-managed VPN (Virtual Private Network) device can establish a secure channel with a remote monitoring end and register there to accept its management and control, the signature and encryption certificates must be imported on both sides, and basic device information and network configuration must be entered manually at both the crypto-managed VPN device and the remote monitoring end. This manual process is prone to leakage of certificate information, operator error and similar problems. It also requires engineering personnel to be sent to the user's site to deploy the equipment, which is costly. Moreover, when crypto-managed VPN devices in different regions are to be brought under DMC management and control, engineering personnel must enter and configure the relevant information at each device's deployment site separately, which is inefficient and error-prone. There is therefore a strong need among those skilled in the art for a solution to these technical problems.
Disclosure of Invention
The disclosure aims to provide a remote monitoring deployment method and device, an electronic device and a computer-readable storage medium that save labor cost and improve deployment efficiency and information security.
To achieve this, the present disclosure provides a remote monitoring deployment method, applied to a crypto-managed VPN device, which includes:
reading, from a cryptographic middleware, network configuration information pre-written by a remote monitoring end;
establishing a communication channel with the remote monitoring end based on the network configuration information;
determining a session key from random numbers using the signature-and-encryption mechanism of the cryptographic middleware;
encrypting the registration information with the session key and sending it to the remote monitoring end;
and, after the remote monitoring end has decrypted and verified the registration information, receiving the certificate issued by the remote monitoring end, which completes the remote monitoring deployment of the crypto-managed VPN device.
Optionally, determining the session key from random numbers using the signature-and-encryption mechanism of the cryptographic middleware includes:
the crypto-managed VPN device generates a random number A, signs it with the private key of the cryptographic middleware, encrypts the result with the public key of the remote monitoring end, and sends it to the remote monitoring end;
the remote monitoring end verifies the signature with the public key of the cryptographic middleware, decrypts with its own private key, and obtains the random number A;
the remote monitoring end generates a random number B, computes the session key from A and B, signs A and B with its own private key, encrypts the result with the public key of the cryptographic middleware, and sends it to the crypto-managed VPN device;
the crypto-managed VPN device verifies the signature with the public key of the remote monitoring end, decrypts with the private key of the cryptographic middleware, obtains the random number B, and computes the session key from A and B.
Optionally, encrypting the registration information with the session key and sending it to the remote monitoring end includes:
encrypting the IP address, system version and device name of the crypto-managed VPN device with the session key and sending them to the remote monitoring end.
Optionally, the remote monitoring end verifying the decrypted registration information includes:
the remote monitoring end decrypts the registration information with the session key;
the remote monitoring end looks up the registration information in a preset database;
if a match is found, the registration information is judged to have passed verification.
Optionally, receiving the certificate issued by the remote monitoring end to complete the remote monitoring deployment of the crypto-managed VPN device includes:
the remote monitoring end encrypts the issued certificate and the encryption private key with the session key and sends them to the crypto-managed VPN device;
the crypto-managed VPN device decrypts them with the session key, obtains the certificate and the encryption private key, and sends a receipt-successful message to the remote monitoring end;
the remote monitoring end starts remote monitoring and management of the crypto-managed VPN device.
Optionally, reading the network configuration information pre-written by the remote monitoring end from the cryptographic middleware includes:
after an insertion event message of the cryptographic middleware is detected, reading the network configuration information pre-written by the remote monitoring end from the inserted cryptographic middleware.
In another aspect, the application discloses a remote monitoring deployment apparatus, applied to a crypto-managed VPN device, comprising:
a reading module, for reading, from a cryptographic middleware, network configuration information pre-written by a remote monitoring end;
a communication module, for establishing a communication channel with the remote monitoring end based on the network configuration information;
a determining module, for determining a session key from random numbers using the signature-and-encryption mechanism of the cryptographic middleware;
a registration module, for encrypting the registration information with the session key and sending it to the remote monitoring end, and, after the remote monitoring end has decrypted and verified the registration information, receiving the certificate issued by the remote monitoring end, which completes the remote monitoring deployment of the crypto-managed VPN device.
Optionally, when determining the session key from random numbers using the signature-and-encryption mechanism of the cryptographic middleware, the determining module is specifically configured to:
generate a random number A, sign it with the private key of the cryptographic middleware, encrypt the result with the public key of the remote monitoring end, and send it to the remote monitoring end;
and, after the remote monitoring end has verified the signature with the public key of the cryptographic middleware, decrypted with its own private key to obtain the random number A, generated a random number B, computed the session key from A and B, signed A and B with its own private key, encrypted the result with the public key of the cryptographic middleware and sent it to the crypto-managed VPN device, verify the signature with the public key of the remote monitoring end, decrypt with the private key of the cryptographic middleware to obtain the random number B, and compute the session key from A and B.
Optionally, when reading the network configuration information pre-written by the remote monitoring end from the cryptographic middleware, the reading module is specifically configured to:
after an insertion event message of the cryptographic middleware is detected, read the network configuration information pre-written by the remote monitoring end from the inserted cryptographic middleware.
Optionally, when encrypting the registration information with the session key and sending it to the remote monitoring end, the registration module is specifically configured to:
encrypt the IP address, system version and device name of the crypto-managed VPN device with the session key and send them to the remote monitoring end.
Optionally, when receiving the certificate issued by the remote monitoring end to complete the remote monitoring deployment of the crypto-managed VPN device, the registration module is specifically configured to:
after the remote monitoring end has encrypted the issued certificate and the encryption private key with the session key and sent them to the crypto-managed VPN device, decrypt them with the session key to obtain the certificate and the encryption private key, and send a receipt-successful message to the remote monitoring end, so that the remote monitoring end starts remote monitoring and management of the crypto-managed VPN device.
With this technical solution, the certificate is issued online and securely by means of the cryptographic middleware; no manual entry of information, network configuration or mutual import of certificates is needed, labor cost is reduced, deployment efficiency is improved, the leakage of sensitive information that manual handling risks is avoided, and end-to-end communication security is ensured.
Additional features and advantages of the present disclosure will be set forth in the detailed description which follows.
Drawings
The accompanying drawings are included to provide a further understanding of the disclosure, and are incorporated in and constitute a part of this specification, illustrate the disclosure and together with the description serve to explain, but do not limit the disclosure. In the drawings:
FIG. 1 is a flowchart of a remote monitoring deployment method provided in an embodiment of the present disclosure;
FIG. 2 is a schematic diagram of a process for determining a session key according to an embodiment of the present disclosure;
FIG. 3 is a block diagram of a remote monitoring deployment apparatus provided by an embodiment of the present disclosure;
FIG. 4 is a block diagram of an electronic device provided in an embodiment of the present disclosure;
FIG. 5 is a block diagram of yet another electronic device provided by an embodiment of the present disclosure.
Detailed Description
Specific embodiments of the present disclosure are described in detail below with reference to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating and illustrating the disclosure, are not intended to limit the disclosure.
According to the cryptographic device management standards GM/T 0050-2016 (device management technical specification) and GM/T 0053-2016 (remote monitoring and compliance verification interface data specification), before a crypto-managed VPN (Virtual Private Network) device can establish a secure channel with a remote monitoring end and register there to accept its management and control, the signature and encryption certificates must be imported on both sides, and basic device information and network configuration must be entered manually at both the crypto-managed VPN device and the remote monitoring end. This manual process is prone to leakage of certificate information, operator error and similar problems. It also requires engineering personnel to be sent to the user's site to deploy the equipment, which is costly. Moreover, when crypto-managed VPN devices in different regions are to be brought under DMC management and control, engineering personnel must enter and configure the relevant information at each device's deployment site separately, which is inefficient and error-prone. In view of this, the present disclosure provides a remote monitoring deployment solution that effectively solves these problems.
Referring to FIG. 1, an embodiment of the present disclosure provides a remote monitoring deployment method, applied to a crypto-managed VPN device, which mainly includes:
S101: reading, from the cryptographic middleware, the network configuration information pre-written by the remote monitoring end.
S102: establishing a communication channel with the remote monitoring end based on the network configuration information.
S103: determining a session key from random numbers using the signature-and-encryption mechanism of the cryptographic middleware.
It should be noted that the remote monitoring deployment provided by this embodiment does not require manually importing certificates, configuring network parameters or pre-entering device information. Instead it introduces a cryptographic middleware and uses it to establish a secure communication channel with the remote monitoring end, so that the certificate of the crypto-managed VPN device can be issued online. This reduces labor cost, improves deployment efficiency, and protects the information security of the certificate issuing process.
Specifically, the remote monitoring end writes the network configuration information into the cryptographic middleware in advance. After the cryptographic middleware is inserted into the crypto-managed VPN device, the device reads this information from the middleware and uses it to communicate with the remote monitoring end over the network.
To protect the security of this network communication, the crypto-managed VPN device and the remote monitoring end each generate a random number, exchange them using the signature-and-encryption mechanism of the cryptographic middleware, and thereby securely agree on a session key computed from the random numbers.
S104: encrypting the registration information with the session key and sending it to the remote monitoring end.
S105: after the remote monitoring end has decrypted and verified the registration information, receiving the certificate issued by the remote monitoring end, which completes the remote monitoring deployment of the crypto-managed VPN device.
Once the session key has been determined, the crypto-managed VPN device encrypts the registration information it needs to submit with the session key and sends it to the remote monitoring end. On receipt, the remote monitoring end decrypts the registration information with the session key and verifies the crypto-managed VPN device. If verification passes, a certificate is issued for the device and delivered to it online over the secure communication channel established earlier. The crypto-managed VPN device has thereby completed registration at the remote monitoring end and is now under its remote management.
In summary, the method and device use the cryptographic middleware to issue the certificate online and securely; no manual entry of information, network configuration or mutual import of certificates is needed, labor cost is reduced, deployment efficiency is improved, the leakage of sensitive information that manual handling risks is avoided, and end-to-end communication security is ensured.
As a specific embodiment, in the remote monitoring deployment method provided by the embodiment of the present disclosure, reading the network configuration information pre-written by the remote monitoring end from the cryptographic middleware includes, on the basis of the foregoing:
after an insertion event message of the cryptographic middleware is detected, reading the network configuration information pre-written by the remote monitoring end from the inserted cryptographic middleware.
Specifically, when a crypto-managed VPN device is to be placed under the management of the remote monitoring end, it is enough to insert the relevant cryptographic middleware into the device: the device then completes online certificate issuance through the steps above and is managed by the remote monitoring end. In particular, execution of the method can be triggered by the insertion event message that the cryptographic middleware raises at the crypto-managed VPN device.
As a specific embodiment, in the remote monitoring deployment method provided by the embodiment of the present disclosure, determining the session key from random numbers using the signature-and-encryption mechanism of the cryptographic middleware includes, on the basis of the foregoing:
S201: the crypto-managed VPN device generates a random number A, signs it with the private key of the cryptographic middleware, encrypts the result with the public key of the remote monitoring end, and sends it to the remote monitoring end;
S202: the remote monitoring end verifies the signature with the public key of the cryptographic middleware, decrypts with its own private key, and obtains the random number A;
S203: the remote monitoring end generates a random number B, computes the session key from A and B, signs A and B with its own private key, encrypts the result with the public key of the cryptographic middleware, and sends it to the crypto-managed VPN device;
S204: the crypto-managed VPN device verifies the signature with the public key of the remote monitoring end, decrypts with the private key of the cryptographic middleware, obtains the random number B, and computes the session key from A and B.
Refer specifically to FIG. 2, a schematic diagram of the session key determination process according to an embodiment of the disclosure. In it, Ss is the private key of the cryptographic middleware and Sp its public key; Ds is the private key of the remote monitoring end and Dp its public key; A(Ss)(Dp) denotes the random number A signed with Ss and then encrypted with Dp; and AB(Ds)(Sp) denotes the random numbers A and B signed with Ds and then encrypted with Sp.
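The S201-S204 exchange above (and its summary in the Disclosure section), worked through as an added example that is not part of the patent: both parties are modelled in Go, with RSA-PSS for the signatures, RSA-OAEP for the public-key encryption and SHA-256(A||B) as the session key computation, all of which are assumptions since the patent names no algorithms. The key pairs Ss/Sp and Ds/Dp are generated for the demo rather than read from a middleware, and the check in S204 that the echoed A equals the one sent in S201 is an added freshness check.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Party is one endpoint: own key pair, the peer's public key, and the session key once derived.
// For the VPN device Priv is the middleware key Ss and Peer is Dp; for the monitoring end, Ds and Sp.
type Party struct {
	Priv *rsa.PrivateKey
	Peer *rsa.PublicKey
	Key  []byte
}

// seal produces e.g. A(Ss)(Dp): an RSA-PSS signature over the payload by the own private key,
// plus an RSA-OAEP ciphertext of the payload under the peer's public key.
func (p *Party) seal(payload []byte) (ct, sig []byte, err error) {
	h := sha256.Sum256(payload)
	if sig, err = rsa.SignPSS(rand.Reader, p.Priv, crypto.SHA256, h[:], nil); err != nil {
		return nil, nil, err
	}
	ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, p.Peer, payload, nil)
	return ct, sig, err
}

// open decrypts with the own private key, then verifies the peer's signature over the plaintext.
func (p *Party) open(ct, sig []byte) ([]byte, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), nil, p.Priv, ct, nil)
	if err != nil {
		return nil, err
	}
	h := sha256.Sum256(pt)
	if rsa.VerifyPSS(p.Peer, crypto.SHA256, h[:], sig, nil) != nil {
		return nil, errors.New("signature verification failed")
	}
	return pt, nil
}

// sessionKey models "calculate the session key from A and B"; SHA-256(A||B) is an assumption.
func sessionKey(a, b []byte) []byte {
	k := sha256.Sum256(append(append([]byte{}, a...), b...))
	return k[:]
}

// EstablishSessionKey runs S201-S204 and leaves both parties holding the same 32-byte key.
func EstablishSessionKey(dev, mon *Party) error {
	a, b := make([]byte, 32), make([]byte, 32)
	if _, err := rand.Read(a); err != nil {
		return err
	}
	ct, sig, err := dev.seal(a) // S201: device sends A(Ss)(Dp)
	if err != nil {
		return err
	}
	gotA, err := mon.open(ct, sig) // S202: monitoring end verifies with Sp, decrypts with Ds
	if err != nil {
		return err
	}
	if _, err := rand.Read(b); err != nil {
		return err
	}
	mon.Key = sessionKey(gotA, b)
	ct, sig, err = mon.seal(append(gotA, b...)) // S203: monitoring end sends AB(Ds)(Sp)
	if err != nil {
		return err
	}
	ab, err := dev.open(ct, sig) // S204: device verifies with Dp, decrypts with Ss
	if err != nil {
		return err
	}
	if len(ab) != 64 || !bytes.Equal(ab[:32], a) { // the echoed A must be the one sent in S201
		return errors.New("random number A mismatch")
	}
	dev.Key = sessionKey(ab[:32], ab[32:])
	return nil
}

// NewParties generates fresh Ss/Sp and Ds/Dp key pairs (constructed for the demo) and wires them up.
func NewParties() (*Party, *Party, error) {
	ss, err1 := rsa.GenerateKey(rand.Reader, 2048)
	ds, err2 := rsa.GenerateKey(rand.Reader, 2048)
	if err1 != nil || err2 != nil {
		return nil, nil, errors.New("key generation failed")
	}
	return &Party{Priv: ss, Peer: &ds.PublicKey}, &Party{Priv: ds, Peer: &ss.PublicKey}, nil
}

func main() {
	dev, mon, err := NewParties()
	if err == nil {
		err = EstablishSessionKey(dev, mon)
	}
	fmt.Println("error:", err, "keys match:", err == nil && bytes.Equal(dev.Key, mon.Key))
}
```

Because the signature is checked only after decryption, a message encrypted correctly for the receiver but signed with a key other than the expected one is still rejected, which is what lets each side attribute A and B to its peer.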
As a specific embodiment, on the basis of the above, encrypting the registration information with the session key and sending it to the remote monitoring end includes:
encrypting the IP address, system version and device name of the crypto-managed VPN device with the session key and sending them to the remote monitoring end. The registration information may also include other specific information, which those skilled in the art may choose according to actual needs; this application is not limited thereto.
As a specific embodiment, on the basis of the above, the remote monitoring end verifying the registration information obtained by decryption includes:
the remote monitoring end decrypts the registration information with the session key;
the remote monitoring end searches a preset database for a record matching the registration information;
if a match is found, the registration information is judged to have passed verification.
Specifically, the remote monitoring end maintains a database storing preset information about the devices that may be placed under remote supervision. The registration information sent by the crypto-managed VPN device is checked by looking it up in this database.
As a specific embodiment, on the basis of the above, receiving the certificate issued by the remote monitoring end so as to complete remote monitoring deployment of the crypto-managed VPN device includes:
the remote monitoring end encrypts the issued certificate and the encryption private key with the session key and sends them to the crypto-managed VPN device;
the crypto-managed VPN device decrypts them with the session key, obtains the certificate and the encryption private key, and sends a receipt-success message to the remote monitoring end;
the remote monitoring end starts remote monitoring and hosting of the crypto-managed VPN device.
Specifically, after the registration information passes verification, the remote monitoring end issues a certificate and an encryption private key for the crypto-managed VPN device. The issued certificate and encryption private key are encrypted with the session key, sent to the crypto-managed VPN device, and recovered there by decrypting with the session key. Once it receives the receipt-success message returned by the crypto-managed VPN device, the remote monitoring end can start remote monitoring and hosting of that device.
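An added example (not the patent's own code) covering the two steps just described: the registration record is encrypted under the session key, matched field by field against the monitoring end's preset database, and, on success, the certificate and encryption private key are sent back under the same key. AES-256-GCM as the session-key cipher, the JSON encoding, the per-message labels bound as associated data and the sample device record are assumptions not found on the page.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Registration holds the fields the page lists: IP address, system version and
// device name of the crypto-managed VPN device.
type Registration struct {
	IP      string `json:"ip"`
	Version string `json:"version"`
	Name    string `json:"name"`
}

// Credentials is what the monitoring end issues after verification. The
// encryption private key is treated as an opaque blob here.
type Credentials struct {
	CertPEM []byte `json:"cert"`
	EncKey  []byte `json:"enc_key"`
}

// sealGCM encrypts plaintext under the 32-byte session key with AES-256-GCM
// (assumed; the page only says "encrypted by the session key") and prefixes the
// random nonce. The label is authenticated as associated data, so a registration
// blob cannot be replayed as a credential blob or the other way round.
func sealGCM(key, plaintext []byte, label string) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	gcm, err := cipher.NewGCM(block)
	if err != nil { return nil, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	return gcm.Seal(nonce, nonce, plaintext, []byte(label)), nil
}

// openGCM reverses sealGCM; a wrong key, modified ciphertext or wrong label fails.
func openGCM(key, blob []byte, label string) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	gcm, err := cipher.NewGCM(block)
	if err != nil { return nil, err }
	if len(blob) < gcm.NonceSize() { return nil, errors.New("blob too short") }
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], []byte(label))
}

// Monitor is the remote monitoring end with its preset device database, keyed
// by device name (constructed sample data; the page only says "a preset database").
type Monitor struct{ known map[string]Registration }

// VerifyRegistration decrypts the registration blob and matches the whole
// record against the preset entry: a known name with a different IP or version
// fails, mirroring the "matching search" the page describes.
func (m *Monitor) VerifyRegistration(sessionKey, blob []byte) (*Registration, error) {
	pt, err := openGCM(sessionKey, blob, "registration")
	if err != nil { return nil, fmt.Errorf("registration: %w", err) }
	var reg Registration
	if err := json.Unmarshal(pt, &reg); err != nil { return nil, err }
	want, ok := m.known[reg.Name]
	if !ok || want != reg { return nil, errors.New("registration not found in preset database") }
	return &reg, nil
}

// IssueCredentials encrypts the certificate and encryption private key for the
// verified device under the same session key.
func (m *Monitor) IssueCredentials(sessionKey []byte, c Credentials) ([]byte, error) {
	pt, err := json.Marshal(c)
	if err != nil { return nil, err }
	return sealGCM(sessionKey, pt, "credentials")
}

// EncryptRegistration is the device side of the registration step.
func EncryptRegistration(sessionKey []byte, r Registration) ([]byte, error) {
	pt, err := json.Marshal(r)
	if err != nil { return nil, err }
	return sealGCM(sessionKey, pt, "registration")
}

// DecryptCredentials is the device side of the certificate delivery step.
func DecryptCredentials(sessionKey, blob []byte) (*Credentials, error) {
	pt, err := openGCM(sessionKey, blob, "credentials")
	if err != nil { return nil, err }
	var c Credentials
	if err := json.Unmarshal(pt, &c); err != nil { return nil, err }
	return &c, nil
}

func main() {
	key := make([]byte, 32) // would come from the session key exchange
	rand.Read(key)
	mon := &Monitor{known: map[string]Registration{"vpn-01": {IP: "10.0.0.5", Version: "2.1", Name: "vpn-01"}}}
	blob, _ := EncryptRegistration(key, mon.known["vpn-01"])
	reg, err := mon.VerifyRegistration(key, blob)
	fmt.Println(reg, err)
}
```

Binding a label into the associated data is the cheap way to keep the two message types under one session key from being confused; a production design would also include a message counter or the session identifier in the associated data so a captured blob cannot be replayed within the same session.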
Referring to Fig. 3, an embodiment of the present disclosure provides a remote monitoring deployment apparatus 300, applied to a crypto-managed VPN device, which mainly includes:
a reading module 301, configured to read, from the cryptographic middleware, network configuration information written in advance by the remote monitoring end;
a communication module 302, configured to establish a communication channel with the remote monitoring end based on the network configuration information;
a determining module 303, configured to determine a session key from random numbers using the signature and encryption mechanism of the cryptographic middleware;
a registration module 304, configured to encrypt the registration information with the session key and send it to the remote monitoring end, and, after the remote monitoring end verifies the decrypted registration information, to receive the certificate issued by the remote monitoring end so as to complete remote monitoring deployment of the crypto-managed VPN device.
As can be seen, the remote monitoring deployment apparatus 300 disclosed in the embodiments of the present disclosure uses the cryptographic middleware to issue certificates online securely, with no manual entry of information, manual network configuration or manual mutual import of certificates. This not only reduces labor cost and improves deployment efficiency, but also avoids leaking sensitive information during manual handling, and substantially strengthens end-to-end communication security.
As a specific embodiment, on the basis of the above, when the determining module 303 determines a session key from random numbers using the signature and encryption mechanism of the cryptographic middleware, it is specifically configured to:
generate a random number A, sign it with the private key of the cryptographic middleware, encrypt it with the public key of the remote monitoring end, and send the result to the remote monitoring end;
after the remote monitoring end has verified the signature with the public key of the cryptographic middleware, decrypted with its own private key, obtained random number A, generated a random number B, computed the session key from A and B, signed A and B with its own private key, encrypted them with the public key of the cryptographic middleware and sent the result to the crypto-managed VPN device, verify the signature with the public key of the remote monitoring end, decrypt with the private key of the cryptographic middleware, obtain random number B, and compute the session key from A and B.
As a specific embodiment, on the basis of the above, when the reading module 301 reads, from the cryptographic middleware, network configuration information written in advance by the remote monitoring end, it is specifically configured to:
read the network configuration information pre-written by the remote monitoring end from the inserted cryptographic middleware after the insertion event message of the cryptographic middleware is detected.
As a specific embodiment, on the basis of the above, when the registration module 304 encrypts the registration information with the session key and sends it to the remote monitoring end, it is specifically configured to:
encrypt the IP address, system version and device name of the crypto-managed VPN device with the session key and send them to the remote monitoring end.
As a specific embodiment, on the basis of the above, when the registration module 304 receives the certificate issued by the remote monitoring end to complete remote monitoring deployment of the crypto-managed VPN device, it is specifically configured to:
after the remote monitoring end has encrypted the issued certificate and the encryption private key with the session key and sent them to the crypto-managed VPN device, decrypt them with the session key, obtain the certificate and the encryption private key, and send a receipt-success message to the remote monitoring end, so that the remote monitoring end starts remote monitoring and hosting of the crypto-managed VPN device.
The specific manner in which the modules of the apparatus in the above embodiments perform their operations has been described in detail in connection with the method embodiments and is not repeated here.
Fig. 4 is a block diagram of an electronic device 400, shown in accordance with an exemplary embodiment. As shown in fig. 4, the electronic device 400 may include: a processor 401, a memory 402. The electronic device 400 may also include one or more of a multimedia component 403, an information input/information output (I/O) interface 404, and a communication component 405.
The processor 401 is configured to control the overall operation of the electronic device 400 so as to complete all or part of the steps of the remote monitoring deployment method applied to the electronic device; the memory 402 is used to store various types of data supporting operation of the electronic device 400, which may include, for example, instructions for any application or method operating on the electronic device 400, as well as application-related data such as contact data, transceived messages, pictures, audio, video, and the like. The memory 402 may be implemented by any type or combination of volatile or non-volatile memory devices, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk, or optical disk.
The multimedia component 403 may include a screen and an audio component. The screen may be, for example, a touch screen, and the audio component is for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may be further stored in the memory 402 or transmitted through the communication component 405. The audio component further comprises at least one speaker for outputting audio signals. The I/O interface 404 provides an interface between the processor 401 and other interface modules, which may be a keyboard, mouse, buttons, etc. These buttons may be virtual buttons or physical buttons. The communication component 405 is used for wired or wireless communication between the electronic device 400 and other devices. Wireless communication may be, for example, Wi-Fi, Bluetooth, near field communication (NFC), 2G, 3G or 4G, or a combination of one or more thereof, so the corresponding communication component 405 may comprise a Wi-Fi module, a Bluetooth module and an NFC module.
In an exemplary embodiment, the electronic device 400 may be implemented by one or more application specific integrated circuits (Application Specific Integrated Circuit, abbreviated ASIC), digital signal processor (Digital Signal Processor, abbreviated DSP), digital signal processing device (Digital Signal Processing Device, abbreviated DSPD), programmable logic device (Programmable Logic Device, abbreviated PLD), field programmable gate array (Field Programmable Gate Array, abbreviated FPGA), controller, microcontroller, microprocessor, or other electronic components for performing the remote monitoring deployment method described above.
In another exemplary embodiment, a computer readable storage medium is also provided comprising program instructions which, when executed by a processor, are configured to implement the steps of the remote monitoring deployment method described above. For example, the computer readable storage medium may be the memory 402 storing program instructions that are executable by the processor 401 of the electronic device 400 to perform the remote monitoring deployment method described above.
For details of the electronic device 400 and the computer readable storage medium, reference may be made to the foregoing detailed description of the remote monitoring deployment method, which is not repeated herein.
Fig. 5 is a block diagram of another electronic device 500, shown in accordance with an exemplary embodiment. For example, electronic device 500 may be provided as a server. Referring to fig. 5, an electronic device 500 includes a processor 501, which may be one or more in number, and a memory 502 for storing a computer program executable by the processor 501. The computer program stored in memory 502 may include one or more modules each corresponding to a set of instructions. Further, the processor 501 may be configured to execute the computer program to perform the remote monitoring deployment method described above.
In addition, the electronic device 500 may further include a power supply component 503 and a communication component 504; the power supply component 503 may be configured to perform power management of the electronic device 500, and the communication component 504 may be configured to enable communication of the electronic device 500, e.g., wired or wireless communication. The electronic device 500 may also include an input/output (I/O) interface 505. The electronic device 500 may operate based on an operating system stored in the memory 502, such as Windows Server, Mac OS X™, Unix™, Linux™, or the like.
In another exemplary embodiment, a computer readable storage medium is also provided, comprising program instructions which, when executed by a processor, implement the steps of the remote monitoring deployment method described above. For example, the computer readable storage medium may be the memory 502 described above including program instructions executable by the processor 501 of the electronic device 500 to perform the remote monitoring deployment method described above.
The preferred embodiments of the present disclosure have been described in detail above with reference to the accompanying drawings, but the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solutions of the present disclosure within the scope of the technical concept of the present disclosure, and all the simple modifications belong to the protection scope of the present disclosure.
In addition, the specific features described in the above embodiments may be combined in any suitable manner without contradiction. The various possible combinations are not described further in this disclosure in order to avoid unnecessary repetition.
Moreover, any combination between the various embodiments of the present disclosure is possible as long as it does not depart from the spirit of the present disclosure, which should also be construed as the disclosure of the present disclosure.

Claims (8)

1. A remote monitoring deployment method, characterized in that it is applied to a crypto-managed VPN device and comprises the following steps:
reading network configuration information pre-written by a remote monitoring end from a cryptographic middleware;
establishing a communication channel with the remote monitoring end based on the network configuration information;
determining a session key from random numbers using a signature and encryption mechanism of the cryptographic middleware;
encrypting registration information with the session key and sending it to the remote monitoring end;
after the remote monitoring end verifies the registration information obtained by decryption, receiving a certificate issued by the remote monitoring end, so as to complete remote monitoring deployment of the crypto-managed VPN device;
wherein determining the session key from random numbers using the signature and encryption mechanism of the cryptographic middleware comprises:
the crypto-managed VPN device generates a random number A, signs it with the private key of the cryptographic middleware, encrypts it with the public key of the remote monitoring end, and sends the result to the remote monitoring end;
the remote monitoring end verifies the signature with the public key of the cryptographic middleware, decrypts with the private key of the remote monitoring end, and obtains the random number A;
the remote monitoring end generates a random number B, computes the session key from the random numbers A and B, signs A and B with the private key of the remote monitoring end, encrypts them with the public key of the cryptographic middleware, and sends the result to the crypto-managed VPN device;
the crypto-managed VPN device verifies the signature with the public key of the remote monitoring end, decrypts with the private key of the cryptographic middleware, obtains the random number B, and computes the session key from the random numbers A and B.
2. The method of claim 1, wherein encrypting the registration information with the session key and sending it to the remote monitoring end comprises:
encrypting the IP address, system version and device name of the crypto-managed VPN device with the session key and sending them to the remote monitoring end.
3. The method of claim 1, wherein the remote monitoring end verifying the registration information obtained by decryption comprises:
the remote monitoring end decrypts the registration information with the session key;
the remote monitoring end searches a preset database for a record matching the registration information;
if a match is found, the registration information is judged to have passed verification.
4. The method according to any one of claims 1 to 3, wherein receiving the certificate issued by the remote monitoring end to complete remote monitoring deployment of the crypto-managed VPN device comprises:
the remote monitoring end encrypts the issued certificate and the encryption private key with the session key and sends them to the crypto-managed VPN device;
the crypto-managed VPN device decrypts them with the session key, obtains the certificate and the encryption private key, and sends a receipt-success message to the remote monitoring end;
the remote monitoring end starts remote monitoring and hosting of the crypto-managed VPN device.
5. The method of claim 4, wherein reading the network configuration information pre-written by the remote monitoring end from the cryptographic middleware comprises:
after the insertion event message of the cryptographic middleware is detected, reading the network configuration information pre-written by the remote monitoring end from the inserted cryptographic middleware.
6. A remote monitoring deployment apparatus, characterized in that it is applied to a crypto-managed VPN device and comprises:
a reading module, configured to read network configuration information pre-written by a remote monitoring end from a cryptographic middleware;
a communication module, configured to establish a communication channel with the remote monitoring end based on the network configuration information;
a determining module, configured to determine a session key from random numbers using a signature and encryption mechanism of the cryptographic middleware;
a registration module, configured to encrypt registration information with the session key and send it to the remote monitoring end, and, after the remote monitoring end verifies the registration information obtained by decryption, to receive a certificate issued by the remote monitoring end so as to complete remote monitoring deployment of the crypto-managed VPN device;
wherein, when determining the session key from random numbers using the signature and encryption mechanism of the cryptographic middleware, the determining module is specifically configured to:
generate a random number A, sign it with the private key of the cryptographic middleware, encrypt it with the public key of the remote monitoring end, and send the result to the remote monitoring end;
after the remote monitoring end has verified the signature with the public key of the cryptographic middleware, decrypted with the private key of the remote monitoring end, obtained the random number A, generated a random number B, computed the session key from the random numbers A and B, signed A and B with the private key of the remote monitoring end, encrypted them with the public key of the cryptographic middleware and sent the result to the crypto-managed VPN device, verify the signature with the public key of the remote monitoring end, decrypt with the private key of the cryptographic middleware, obtain the random number B, and compute the session key from the random numbers A and B.
7. An electronic device, comprising:
a memory for storing a computer program;
a processor for executing the computer program to perform the steps of the method according to any one of claims 1 to 5.
8. A computer readable storage medium, characterized in that the computer readable storage medium has stored therein a computer program which, when executed by a processor, is adapted to carry out the steps of the method according to any one of claims 1 to 5.
CN202111431940.2A 2021-11-29 2021-11-29 Remote monitoring deployment method and device, electronic equipment and storage medium Active CN114221759B (en)

Publications (2)

Publication Number Publication Date
CN114221759A CN114221759A (en) 2022-03-22
CN114221759B true CN114221759B (en) 2024-04-12
