CN114499942A - Data access method and device and electronic equipment - Google Patents
Data access method and device and electronic equipment Download PDFInfo
- Publication number
- CN114499942A CN114499942A CN202111579703.0A CN202111579703A CN114499942A CN 114499942 A CN114499942 A CN 114499942A CN 202111579703 A CN202111579703 A CN 202111579703A CN 114499942 A CN114499942 A CN 114499942A
- Authority
- CN
- China
- Prior art keywords
- white list
- access request
- internet protocol
- request information
- protocol address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
Abstract
The invention relates to the field of computer science, in particular to a data access method and device and electronic equipment. The method comprises the steps of triggering a callback function to obtain latest white list information when the configuration of a preset white list is monitored to be changed, receiving access request information, analyzing the access request information, obtaining an internet protocol address, judging whether the internet protocol address is matched with the latest white list information or not, and allowing the access request information to access when the internet protocol address is matched with the latest white list information. The dynamic modification of the white list is realized through the real-time detection and the real-time modification of the white list, so that when new contents need to be added into the white list, a server does not need to be closed or restarted, and the working efficiency and the data security are greatly improved.
Description
Technical Field
The invention relates to the field of computer science, in particular to a data access method and device and electronic equipment.
Background
With the deep advance of the strategy of 'changing cloud into number' of China telecom group company, the trend that database services are loaded in public cloud, private cloud and mixed cloud is more and more obvious, so that the method has important significance in ensuring the safe access control of the cloud database services and preventing the cloud database services from being attacked and damaged maliciously in different degrees.
In the prior art, during the instantiation process of the database, the safety and reliability of the database access are provided by setting the firewall rules specified by the user. However, the firewall rules specified by the user are set in the database instantiation process to avoid illegal Internet Protocol (IP) access to the underlying database service, online dynamic modification cannot be achieved by the method, if a database access white list needs to be reset, each database instance needs to be re-instantiated, on one hand, relevant shutdown processing and application service influence may need to be performed, on the other hand, relevant firewall resetting and effective restarting operations need to be performed on a machine where each instance of the cluster is located, and the operation is tedious and easy to make mistakes.
Therefore, a data access method, a data access device and an electronic device are needed to overcome the above defects.
Disclosure of Invention
In view of this, embodiments of the present invention provide a data access method and apparatus, and an electronic device, so as to solve the problem that a white list cannot be modified in an operation process to implement data access.
According to a first aspect, an embodiment of the present invention provides a method for data access, including:
when the configuration of the preset white list is monitored to be changed, triggering a callback function to acquire the latest white list information;
receiving access request information;
analyzing the access request information to obtain an internet protocol address;
judging whether the Internet protocol address is matched with the latest white list information or not;
and when the internet protocol address is matched with the latest white list information, allowing the access request information to access.
The data access method provided by the embodiment of the invention realizes dynamic modification of the white list through real-time detection and real-time modification of the white list, so that when new contents need to be added into the white list, a server does not need to be shut down or restarted, and the working efficiency is greatly improved.
With reference to the first aspect, in a first implementation manner of the first aspect, before the step of triggering the callback function to obtain the latest white list information when it is monitored that the configuration of the preset white list is changed, the method further includes:
and responding to the registration operation of a registration module, and adding the Internet protocol address to the white list.
With reference to the first aspect, in a second implementation manner of the first aspect, the determining whether the internet protocol address matches with the latest white list information includes:
and judging whether the internet protocol address is matched with the latest white list information or not through a regular matching algorithm.
With reference to the first aspect, in a third embodiment of the first aspect, the method further includes:
judging whether the number of the access request information reaches the maximum access number or not;
and stopping receiving the access request information when the number of the access request information reaches the maximum access number.
With reference to the third implementation manner of the first aspect, in a fourth implementation manner of the first aspect, the determining whether the number of access request messages reaches a maximum access number includes:
and when the number of the access request information does not reach the maximum access number, continuously receiving the access request information.
With reference to the first aspect, in a fifth implementation manner of the first aspect, the determining whether the internet protocol address matches with the latest white list information includes:
and when the internet protocol address is not matched with the latest white list information, prohibiting the access request information from accessing.
According to a second aspect, an embodiment of the present invention provides an apparatus for data access, including:
the first processing unit is used for triggering a callback function to acquire the latest white list information when the configuration of the preset white list is monitored to be changed;
a second processing unit for receiving access request information;
the third processing unit is used for analyzing the access request information and acquiring an internet protocol address;
the fourth processing unit is used for judging whether the internet protocol address is matched with the latest white list information or not;
a fifth processing unit, configured to allow the access request information to be accessed when the internet protocol address exists in the latest white list information.
According to a third aspect, embodiments of the present invention provide an electronic device, comprising: a memory and a processor, the memory and the processor being communicatively connected to each other, the memory storing therein computer instructions, and the processor executing the computer instructions to perform the data access method of the first aspect or any one of the embodiments of the first aspect.
According to a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, which stores computer instructions for causing a computer to execute the data access method described in the first aspect or any one of the implementation manners of the first aspect.
According to a fifth aspect, an embodiment of the present invention provides a system for data access, including:
the registration module is connected to the gateway and used for registering a new Internet protocol address to the white list;
the gateway is connected to the registration module and the database and used for triggering a callback function to acquire latest white list information when the configuration of a preset white list is monitored to be changed, receiving access request information, analyzing the access request information, acquiring an internet protocol address, judging whether the internet protocol address is matched with the latest white list information or not, and allowing the access request information to access when the internet protocol address is matched with the latest white list information;
and the database is connected to the gateway and used for responding to the access request information and outputting data.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a flow diagram of a method of data access according to an embodiment of the invention;
FIG. 2 is a flow diagram of a method of data access according to an embodiment of the invention;
FIG. 3 is a schematic diagram of a method of data access according to an embodiment of the invention;
FIG. 4 is a schematic diagram of a method of data access according to an embodiment of the invention;
FIG. 5 is a block diagram of an apparatus for data access according to an embodiment of the present invention;
fig. 6 is a schematic diagram of a hardware structure of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it should be understood that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc., indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of description and simplicity of description, but do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; the two elements may be directly connected or indirectly connected through an intermediate medium, or may be communicated with each other inside the two elements, or may be wirelessly connected or wired connected. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
In describing the present invention, it is noted that the term "and/or" as used in this specification and the appended claims refers to and includes any and all combinations of one or more of the associated listed items.
In addition, the technical features involved in the different embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The data access method provided by the embodiment of the invention realizes dynamic modification of the white list through real-time detection and real-time modification of the white list, so that when new contents need to be added into the white list, a server does not need to be shut down or restarted, and the working efficiency is greatly improved.
In accordance with an embodiment of the present invention, there is provided a method embodiment of data access, it being noted that the steps illustrated in the flowchart of the figure may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different than here.
In this embodiment, a method for data access is provided, which may be used in an electronic device, such as a computer, a server, a tablet computer, and the like, fig. 1 is a flowchart of a method for data access according to an embodiment of the present invention, and as shown in fig. 1, the flowchart includes the following steps:
s11, when the configuration of the preset white list is monitored to change, triggering a callback function to acquire the latest white list information;
specifically, it is assumed that a white list a exists, before the change occurs, the white list a includes IP _ a, IP _ B, and IP _ C, after the change occurs, the white list a includes IP _ a, IP _ B, IP _ C, and IP _ D, and after the change of the white list a is detected, a callback function is triggered, and the white list a after the change including IP _ a, IP _ B, IP _ C, and IP _ D is returned.
Details about this step will be described later.
S12, receiving the access request information;
specifically, the gateway is connected to the client, and when the client wants to access a certain database, the client needs to send an access request to the gateway.
S13, analyzing the access request information to obtain an Internet protocol address;
specifically, the gateway may parse the access request information through a parsing component (Netty).
For example, assuming that the access request information a exists, the gateway may obtain the corresponding IP address in the access request information a through Netty in the process of receiving the access request a.
S14, judging whether the Internet protocol address is matched with the latest white list information;
specifically, for example, it is assumed that two pieces of access request information, access request information msg1 and access request information msg2, are received, and after analysis, the IP address corresponding to msg1 is IP _1, and the IP address corresponding to msg2 is IP _ 2. Assume that the latest white list information contains: IP _0, IP _1, then IP _1 is the match state, IP _2 is the mismatch state.
Details about this step will be described later.
And S15, when the Internet protocol address is matched with the latest white list information, allowing the access request information to access.
Specifically, also taking the msg1 and the msg2 as examples, since the IP address corresponding to the msg1 matches the white list information, the access request of the msg1 is allowed.
Details about this step will be described later.
According to the data access method provided by the embodiment of the invention, the dynamic modification of the white list is realized through the real-time detection and real-time modification of the white list, so that when new contents are required to be added into the white list, a server does not need to be shut down or restarted, and the working efficiency is greatly improved.
In this embodiment, a data access method is provided, which may be used in an electronic device, such as a computer, a server, a tablet computer, and the like, fig. 2 is a flowchart of a data access method according to an embodiment of the present invention, and as shown in fig. 2, the flowchart includes the following steps:
s21, when the configuration of the preset white list is monitored to change, triggering a callback function to acquire the latest white list information;
specifically, S21 includes:
s211, responding to the registration operation of the registration module, and adding the Internet protocol address to the white list.
Specifically, in practical applications, the IP address may be added to the white list through a registration module (zookeeper).
For example, in practical applications, if the white list originally includes IP _0 and IP _1, IP _2 may also be added to the white list through zookeeper.
S22, receiving the access request information;
please refer to S12 in fig. 1, which is not described herein again.
S23, analyzing the access request information to obtain an Internet protocol address;
please refer to S13 in fig. 1, which is not described herein again.
S24, judging whether the Internet protocol address is matched with the latest white list information;
specifically, S24 includes:
and S241, judging whether the Internet protocol address is matched with the latest white list information through a regular matching algorithm.
Specifically, assuming that all IP addresses are xx.11.22.33, and assuming that only the last six IP addresses that are "11.22.33" are in the white list, the following matching rule "./. 22/. 33/" may be set, so that the white list matching according to the above rule may be implemented.
It should be noted that the codes and related IPs appearing in this example are only examples, and any language may be used in the example application to implement the regular matching, and meanwhile, the writing manner of the codes is not limited to the above records, and is only an example here.
And S242, when the Internet protocol address is not matched with the latest white list information, forbidding the access request information to access.
In particular, it is assumed that there is an IP address in the white list
And S25, when the Internet protocol address is matched with the latest white list information, allowing the access request information to access.
Specifically, S25 includes:
s251, determining whether the number of the access request messages reaches a maximum access number;
specifically, assuming that the maximum access number is 5, two cases are assumed to exist, in the first case, there are 4 pieces of passing access request information, and at this time, one piece of access request information is newly added. In case two, there are 5 pieces of access request information, and at this time, one piece of access information is added.
S252, when the number of the access request messages reaches the maximum access number, stopping receiving the access request messages.
Specifically, also taking the above-mentioned case one and case two as examples, when in case one, the maximum access number is not reached, and therefore, new access request information can be passed, and in case two, the maximum access request number has been reached earlier, and therefore, acceptance of new access request information is stopped.
In this embodiment, a system for data access is provided, which can be used in an electronic device, such as a computer, a server, a tablet computer, and the like, fig. 6 is a schematic diagram of a method for data storage according to an embodiment of the present invention, as shown in fig. 6:
the user firstly adds the IP address of the user to a white list through a registration module, when the database access is needed, the user sends a data access request to a gateway, the gateway analyzes the data access request to obtain the IP address corresponding to the user, the corresponding IP address is matched with the IP address in the white list, and when the matching is successful, the user is allowed to access the database.
As a specific application example of this embodiment, as shown in fig. 4, the data access method includes:
and S1, registering the IP address to the white list through the registration module.
And S2, sending a data access request to the gateway.
And S3, the gateway analyzes the data access request and acquires the IP address of the user.
And S4, the gateway judges whether the IP address obtained by analysis is matched with the IP address recorded in the white list. If so, go to step S5, otherwise go to step S6.
And S5, allowing the database to be accessed.
S6, access to the database is denied.
In this embodiment, a data access apparatus is further provided, and the apparatus is used to implement the foregoing embodiments and preferred embodiments, and details of which have been already described are omitted. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
The present embodiment provides an apparatus for data access, as shown in fig. 5, including:
the first processing unit 51 is configured to trigger a callback function to obtain latest white list information when it is monitored that the configuration of the preset white list changes;
a second processing unit 52 for receiving access request information;
a third processing unit 53, configured to parse the access request information to obtain an internet protocol address;
a fourth processing unit 54, configured to determine whether the internet protocol address matches the latest white list information;
a fifth processing unit 55, configured to allow the access request information to be accessed when the internet protocol address exists in the latest white list information.
The firmware refresh apparatus in this embodiment is presented in the form of functional units, where a unit refers to an ASIC circuit, a processor and a memory executing one or more software or fixed programs, and/or other devices that may provide the above-described functionality.
Further functional descriptions of the modules are the same as those of the corresponding embodiments, and are not repeated herein.
An embodiment of the present invention further provides an electronic device, which has the data access apparatus shown in fig. 5.
Referring to fig. 6, fig. 6 is a schematic structural diagram of an electronic device according to an alternative embodiment of the present invention, and as shown in fig. 6, the electronic device may include: at least one processor 61, such as a CPU (Central Processing Unit), at least one communication interface 63, memory 64, at least one communication bus 62. Wherein a communication bus 62 is used to enable the connection communication between these components. The communication interface 63 may include a Display (Display) and a Keyboard (Keyboard), and the optional communication interface 63 may also include a standard wired interface and a standard wireless interface. The Memory 64 may be a high-speed RAM Memory (volatile Random Access Memory) or a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. The memory 64 may optionally be at least one memory device located remotely from the processor 61. Wherein the processor 61 may be in connection with the apparatus described in fig. 6, an application program is stored in the memory 64, and the processor 61 calls the program code stored in the memory 64 for performing any of the above-mentioned method steps.
The communication bus 62 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The communication bus 62 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 6, but this is not intended to represent only one bus or type of bus.
The memory 64 may include a volatile memory (RAM), such as a random-access memory (RAM); the memory may also include a non-volatile memory (english: non-volatile memory), such as a flash memory (english: flash memory), a hard disk (english: hard disk drive, abbreviated: HDD) or a solid-state drive (english: SSD); the memory 64 may also comprise a combination of the above types of memory.
The processor 61 may be a Central Processing Unit (CPU), a Network Processor (NP), or a combination of CPU and NP.
The processor 61 may further include a hardware chip. The hardware chip may be an application-specific integrated circuit (ASIC), a Programmable Logic Device (PLD), or a combination thereof. The PLD may be a Complex Programmable Logic Device (CPLD), a field-programmable gate array (FPGA), a General Array Logic (GAL), or any combination thereof.
Optionally, the memory 64 is also used to store program instructions. The processor 61 may call program instructions to implement a method of data access as shown in any of the embodiments of the present application.
Embodiments of the present invention further provide a non-transitory computer storage medium, where the computer storage medium stores computer-executable instructions, and the computer-executable instructions may execute the method for data access in any of the above method embodiments. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kind described above.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.
Claims (10)
1. A method of accessing data, comprising:
when the configuration of the preset white list is monitored to be changed, triggering a callback function to acquire the latest white list information;
receiving access request information;
analyzing the access request information to obtain an internet protocol address;
judging whether the Internet protocol address is matched with the latest white list information or not;
and when the internet protocol address is matched with the latest white list information, allowing the access request information to access.
2. The method of claim 1, wherein before the step of triggering the callback function to obtain the latest white list information when the configuration of the preset white list is monitored to be changed, the method further comprises:
and responding to the registration operation of a registration module, and adding the Internet protocol address to the white list.
3. The method of claim 1, wherein determining whether the internet protocol address matches up with up-to-date white list information comprises:
and judging whether the internet protocol address is matched with the latest white list information or not through a regular matching algorithm.
4. The method of claim 1, further comprising:
judging whether the number of the access request information reaches the maximum access number or not;
and stopping receiving the access request information when the number of the access request information reaches the maximum access number.
5. The method of claim 4, wherein the determining whether the number of access request messages reaches a maximum number of accesses comprises:
and when the number of the access request information does not reach the maximum access number, continuously receiving the access request information.
6. The method of claim 1, wherein determining whether the internet protocol address matches up with up-to-date white list information comprises:
and when the internet protocol address is not matched with the latest white list information, prohibiting the access request information from accessing.
7. A data access device, comprising:
the first processing unit is used for triggering a callback function to acquire the latest white list information when the configuration of the preset white list is monitored to be changed;
a second processing unit for receiving access request information;
the third processing unit is used for analyzing the access request information and acquiring an internet protocol address;
the fourth processing unit is used for judging whether the internet protocol address is matched with the latest white list information or not;
a fifth processing unit, configured to allow the access request information to be accessed when the internet protocol address exists in the latest white list information.
8. An electronic device, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform the steps of the method of any one of claims 1-6.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1-6.
10. A data access system, comprising:
the registration module is connected to the gateway and used for registering a new Internet protocol address to the white list;
the gateway is connected to the registration module and the database and used for triggering a callback function to acquire latest white list information when the configuration of a preset white list is monitored to be changed, receiving access request information, analyzing the access request information, acquiring an internet protocol address, judging whether the internet protocol address is matched with the latest white list information or not, and allowing the access request information to access when the internet protocol address is matched with the latest white list information;
and the database is connected to the gateway and used for responding to the access request information and outputting data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111579703.0A CN114499942A (en) | 2021-12-22 | 2021-12-22 | Data access method and device and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111579703.0A CN114499942A (en) | 2021-12-22 | 2021-12-22 | Data access method and device and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114499942A true CN114499942A (en) | 2022-05-13 |
Family
ID=81494534
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111579703.0A Pending CN114499942A (en) | 2021-12-22 | 2021-12-22 | Data access method and device and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114499942A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115987683A (en) * | 2023-03-15 | 2023-04-18 | 中国信息通信研究院 | Node access control method, device, equipment and medium in block chain network |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104092698A (en) * | 2014-07-21 | 2014-10-08 | 北京网秦天下科技有限公司 | Network resource access control method and device |
| US20150067764A1 (en) * | 2013-09-03 | 2015-03-05 | Electronics And Telecommunications Research Institute | Whitelist-based network switch |
| US20160308721A1 (en) * | 2015-04-14 | 2016-10-20 | International Business Machines Corporation | Replicating configuration between multiple geographically distributed servers using the rest layer, requiring minimal changes to existing service architecture |
| CN106302383A (en) * | 2016-07-22 | 2017-01-04 | 北京奇虎科技有限公司 | The processing method of data access request and processing means |
| WO2017084535A1 (en) * | 2015-11-20 | 2017-05-26 | 英赛克科技(北京)有限公司 | Method for trusted protocol conversion and system |
| CN107508822A (en) * | 2017-09-06 | 2017-12-22 | 迈普通信技术股份有限公司 | Access control method and device |
| CN110290147A (en) * | 2019-07-05 | 2019-09-27 | 上海中通吉网络技术有限公司 | Safe penetration defence method, device and equipment |
| CN110889132A (en) * | 2019-11-04 | 2020-03-17 | 中盈优创资讯科技有限公司 | Distributed application permission verification method and device |
| CN111404912A (en) * | 2020-03-11 | 2020-07-10 | 成都千立网络科技有限公司 | Domain name detection method and device based on IP white list |
| CN112637106A (en) * | 2019-09-24 | 2021-04-09 | 成都鼎桥通信技术有限公司 | Method and device for terminal to access website |
-
2021
- 2021-12-22 CN CN202111579703.0A patent/CN114499942A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150067764A1 (en) * | 2013-09-03 | 2015-03-05 | Electronics And Telecommunications Research Institute | Whitelist-based network switch |
| CN104092698A (en) * | 2014-07-21 | 2014-10-08 | 北京网秦天下科技有限公司 | Network resource access control method and device |
| US20160308721A1 (en) * | 2015-04-14 | 2016-10-20 | International Business Machines Corporation | Replicating configuration between multiple geographically distributed servers using the rest layer, requiring minimal changes to existing service architecture |
| WO2017084535A1 (en) * | 2015-11-20 | 2017-05-26 | 英赛克科技(北京)有限公司 | Method for trusted protocol conversion and system |
| CN106302383A (en) * | 2016-07-22 | 2017-01-04 | 北京奇虎科技有限公司 | The processing method of data access request and processing means |
| CN107508822A (en) * | 2017-09-06 | 2017-12-22 | 迈普通信技术股份有限公司 | Access control method and device |
| CN110290147A (en) * | 2019-07-05 | 2019-09-27 | 上海中通吉网络技术有限公司 | Safe penetration defence method, device and equipment |
| CN112637106A (en) * | 2019-09-24 | 2021-04-09 | 成都鼎桥通信技术有限公司 | Method and device for terminal to access website |
| CN110889132A (en) * | 2019-11-04 | 2020-03-17 | 中盈优创资讯科技有限公司 | Distributed application permission verification method and device |
| CN111404912A (en) * | 2020-03-11 | 2020-07-10 | 成都千立网络科技有限公司 | Domain name detection method and device based on IP white list |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115987683A (en) * | 2023-03-15 | 2023-04-18 | 中国信息通信研究院 | Node access control method, device, equipment and medium in block chain network |
| CN115987683B (en) * | 2023-03-15 | 2023-07-28 | 中国信息通信研究院 | Node access control method, device, equipment and medium in block chain network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10255370B2 (en) | Automated compliance checking through analysis of cloud infrastructure templates | |
| CN110708315A (en) | Asset vulnerability identification method, device and system | |
| CN110417778B (en) | Access request processing method and device | |
| RU2628496C2 (en) | Method and device of partial updates | |
| CN110535727A (en) | Asset identification method and apparatus | |
| KR20190030728A (en) | Abnormal detection using sequence of system call | |
| CN110968356A (en) | Method and device for acquiring configuration information | |
| US20230239293A1 (en) | Probe-based risk analysis for multi-factor authentication | |
| CN111277561A (en) | Network attack path prediction method and device and security management platform | |
| CN111030887B (en) | Web server discovery method and device and electronic equipment | |
| CN114499942A (en) | Data access method and device and electronic equipment | |
| CN107707571A (en) | A kind of method and apparatus for managing network external connection | |
| CN111404956A (en) | Risk information acquisition method and device, electronic equipment and storage medium | |
| US11251976B2 (en) | Data security processing method and terminal thereof, and server | |
| CN112464238B (en) | Vulnerability scanning method and electronic equipment | |
| US10936968B2 (en) | Ticket routing | |
| CN106790071B (en) | Method and device for detecting DNS full-flow hijacking risk | |
| CN113098852A (en) | Log processing method and device | |
| CN113709136B (en) | Access request verification method and device | |
| CN114528350A (en) | Cluster split brain processing method, device and equipment and readable storage medium | |
| CN114285664A (en) | Abnormal user identification method, system, device and medium | |
| CN114189865A (en) | Network attack protection method in communication network, computer device and storage medium | |
| CN110971575B (en) | Malicious request identification method and device, electronic equipment and computer storage medium | |
| CN112288990A (en) | Method, system, medium and device for generating internet of things event based on internet of things data | |
| CN111949363A (en) | Service access management method, computer equipment, storage medium and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |