CN114629683B - Access method, device, equipment and storage medium of management server - Google Patents

Access method, device, equipment and storage medium of management server Download PDF

Info

Publication number
CN114629683B
CN114629683B CN202210128933.3A CN202210128933A CN114629683B CN 114629683 B CN114629683 B CN 114629683B CN 202210128933 A CN202210128933 A CN 202210128933A CN 114629683 B CN114629683 B CN 114629683B
Authority
CN
China
Prior art keywords
management server
terminal device
preset
terminal equipment
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210128933.3A
Other languages
Chinese (zh)
Other versions
CN114629683A (en
Inventor
孙中轩
母志武
谢翊乐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Asiainfo Technologies (chengdu) Inc
Original Assignee
Asiainfo Technologies (chengdu) Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Asiainfo Technologies (chengdu) Inc filed Critical Asiainfo Technologies (chengdu) Inc
Priority to CN202210128933.3A priority Critical patent/CN114629683B/en
Publication of CN114629683A publication Critical patent/CN114629683A/en
Application granted granted Critical
Publication of CN114629683B publication Critical patent/CN114629683B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The application provides an access method, device, equipment and storage medium of a management server, relates to the technical field of communication, and can improve the efficiency of accessing terminal equipment to the management server in a region. The method comprises the following steps: the authentication server receives first request information from a terminal device logged in by a target account, wherein the first request information comprises the target account and a corresponding password; under the condition that the terminal equipment passes verification, the authentication server detects whether the terminal equipment has a configuration file corresponding to a preset protocol, the preset protocol is used for enabling the terminal equipment to safely access a target management server, and the target management server is a management server of an area where the terminal equipment is currently located; if the terminal equipment is detected to have the configuration file corresponding to the preset protocol, the authentication server sends first indication information to the terminal equipment based on the preset protocol, wherein the first indication information is used for indicating the target management server.

Description

Access method, device, equipment and storage medium of management server
Technical Field
The present application relates to the field of communications technologies, and in particular, to an access method, an access device, and a storage medium for a management server.
Background
With the increase of the number of computer terminal devices managed by enterprises, most of enterprises realize multi-computer terminal device management by adopting a client/server architecture. However, the area where the computer terminal device is located is not fixed, and one server can only manage one area.
If a client registered on one regional management server wants to roam to a management regional access network of another regional management server, the client or a system administrator often needs to be re-registered for manual authorization, or a roaming server is deployed, so that the cost is high and the efficiency is low, and therefore, how to enable terminal equipment to quickly access to the corresponding regional management server in different regions becomes a problem to be solved.
Disclosure of Invention
The application provides an access method, device, equipment and storage medium of a management server, so as to improve the efficiency of accessing terminal equipment to the management server in the area.
In order to achieve the above purpose, the application adopts the following technical scheme:
in a first aspect, the present application provides an access method of a management server, applied to an authentication server, the method comprising: receiving first request information from a terminal device logged in by a target account, wherein the first request information comprises the target account and a corresponding password; under the condition that the target account number passes authentication, detecting whether the terminal equipment has a configuration file corresponding to a preset protocol, wherein the preset protocol is used for safely accessing the terminal equipment into a target management server, and the target management server is a management server of an area where the terminal equipment is currently located; if the terminal equipment is detected to have the configuration file corresponding to the preset protocol, first indication information is sent to the terminal equipment based on the preset protocol, and the first indication information is used for indicating the target management server.
Optionally, if it is detected that the terminal device does not have the configuration file corresponding to the preset protocol, second indication information is sent to the terminal device, where the second indication information is used to instruct the terminal device to install a preset security program, so that the terminal device registers the preset protocol, and the preset security program is used to monitor whether the terminal device has a malicious program.
Optionally, detecting whether the terminal device has a configuration file corresponding to a preset protocol includes: sending third indication information to the terminal equipment, wherein the third indication information is used for indicating the terminal equipment to detect whether the terminal equipment has a configuration file corresponding to a preset protocol or not; and receiving first feedback information from the terminal equipment, wherein the first feedback information is used for indicating whether the terminal equipment has a configuration file corresponding to a preset protocol.
In a second aspect, the present application provides a method for managing a server, applied to a terminal device, the method comprising:
optionally, in response to the first login operation, sending first request information to the authentication server, where the first request information includes the target account number and a corresponding password; receiving first indication information from an authentication server, wherein the first indication information is used for indicating a target management server, the first indication information is sent by the authentication server under the condition that a configuration file with a preset protocol is determined to be provided for terminal equipment, the preset protocol is used for enabling the terminal equipment to safely access the target management server, and the target management server is a management server of an area where the terminal equipment is currently located; and sending the first access request information to the target management server under the condition that the target management server meets the preset condition.
Optionally, receiving second instruction information from the authentication server, where the second instruction information is used to instruct the terminal device to install a preset security program, and the second instruction information includes first link information, where the first link information is associated with the preset security program; and acquiring and installing a preset security program corresponding to the operating system of the terminal equipment according to the first link information, and registering a preset protocol.
Optionally, accessing the target management server if the target management server meets a preset condition includes: if the target management server is a first management server, first access request information is sent to the target management server, the first management server is a management server accessed by the terminal equipment in a first preset time period, and the first preset time period is a time period before the current time; if the target management server is not the first management server and the time difference between the time when the terminal equipment is accessed to the first management server and the current time is greater than the preset duration, the first access request information is sent to the target management server.
In a third aspect, the present application provides an access device of a management server, applied to an authentication server, the access device comprising: the system comprises a receiving unit, a detecting unit and a sending unit, wherein the receiving unit is used for receiving first request information from a terminal device logged in by a target account, and the first request information is used for requesting a management server in an area where the access terminal device is currently located; the detection unit is used for detecting whether the terminal equipment has a configuration file corresponding to a preset protocol or not under the condition that the target account authentication is passed, the preset protocol is used for enabling the terminal equipment to safely access a target management server, and the target management server is a management server of an area where the terminal equipment is currently located; the sending unit is used for sending first indication information to the terminal equipment based on the preset protocol after detecting that the terminal equipment has the configuration file corresponding to the preset protocol, wherein the first indication information is used for indicating the target management server.
Optionally, the sending unit is further configured to send second indication information to the terminal device when detecting that the terminal device does not have a configuration file corresponding to the preset protocol, where the second indication information is used to instruct the terminal device to install the preset security program, so that the terminal device registers the preset protocol, and the preset security program is used to monitor whether the terminal device has a malicious program.
Optionally, the detection unit is specifically configured to: sending third indication information to the terminal equipment, wherein the third indication information is used for indicating the terminal equipment to detect whether the terminal equipment has a configuration file corresponding to a preset protocol or not; and receiving first feedback information from the terminal equipment, wherein the first feedback information is used for indicating whether the terminal equipment has a configuration file corresponding to a preset protocol.
In a fourth aspect, the present application provides an access device for a management server, which is applied to a terminal device, and the access device includes: a transmitting unit and a receiving unit; the sending unit is used for responding to the first login operation and sending first request information to the authentication server, wherein the first request information comprises a target account number and a corresponding password; the terminal equipment comprises a receiving unit, a target management server and a target management server, wherein the receiving unit is used for receiving first indication information from the authentication server, the first indication information is used for indicating the target management server, the first indication information is sent by the authentication server under the condition that the terminal equipment is determined to have a configuration file with a preset protocol, the preset protocol is used for safely accessing the terminal equipment into the target management server, and the target management server is the management server of the current area of the terminal equipment; and the sending unit is also used for sending the first access request information to the target management server under the condition that the target management server meets the preset condition.
Optionally, the access device further comprises a processing unit; the receiving unit is used for receiving second instruction information from the authentication server, the second instruction information is used for instructing the terminal equipment to install a preset security program, the second instruction information comprises first link information, and the first link information is associated with the preset security program; and the processing unit is used for acquiring and installing a preset security program corresponding to the operating system of the terminal equipment according to the first link information and registering a preset protocol.
Optionally, the sending unit is further configured to send, when the target management server is the first management server, first access request information to the target management server, where the first management server is a management server that is accessed by the terminal device in a first preset time period; the first preset time period is the time period before the current time; the sending unit is further configured to send first access request information to the target management server when the target management server is not the first management server and the time difference between the time when the terminal device accesses the first management server and the current time is greater than a preset duration.
In a fifth aspect, the present application provides an authentication server comprising: a processor, a communication interface, and a memory; wherein the memory is configured to store one or more programs, the one or more programs comprising computer-executable instructions that, when executed by the authentication server, cause the authentication server to perform the method of accessing the management server of any of the first aspect and its various alternative implementations.
In a sixth aspect, the present application provides a terminal device, including: a processor, a communication interface, and a memory; wherein the memory is configured to store one or more programs, the one or more programs comprising computer-executable instructions that, when executed by the terminal device, cause the terminal device to perform the method of accessing the management server of any of the above-described first aspect and its various alternative implementations.
In a seventh aspect, the present application provides a computer readable storage medium having instructions stored therein, which when executed by a computer, perform the method of accessing a management server of the first aspect and any of its various alternative implementations.
In an eighth aspect, the present application provides a computer readable storage medium having instructions stored therein which, when executed by a computer, perform the method of accessing a management server of the second aspect and any of the various alternative implementations thereof.
In a ninth aspect, the present application provides a communication system comprising an authentication server for performing the method as described in any one of the possible implementations of the first aspect and the first aspect, and a terminal device in communication with the authentication server for performing the method as described in any one of the possible implementations of the ninth aspect and the eighth aspect.
According to the technical scheme provided by the embodiment of the application, the authentication server verifies the terminal equipment after receiving the first request information from the terminal equipment, wherein the first request information is used for requesting the management server of the area where the access terminal equipment is currently located. And under the condition that the verification of the terminal equipment is passed, the authentication server detects whether the terminal equipment has a configuration file corresponding to a preset protocol. If the terminal equipment is detected to have the configuration file corresponding to the preset protocol, the authentication server sends first indication information to the terminal equipment based on the preset protocol, wherein the first indication information is used for indicating a target management server, and the target management server is a management server of an area where the terminal equipment is currently located. The normal data communication between the authentication server and the terminal device can be ensured due to the preset protocol. Thus, the authentication server can issue the information of the management server in the current area of the terminal device to the terminal device through the preset protocol. After receiving the information of the management server at the current position, the terminal equipment can automatically migrate and access, and the whole process does not need any operation of a user, so that the non-perception cross-server roaming is realized, and the efficiency of accessing the management server is improved.
Drawings
Fig. 1 is a schematic structural diagram of a communication system 10 according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of an access device according to an embodiment of the present application;
fig. 3 is a schematic flow chart of an access method according to an embodiment of the present application;
fig. 4 is a flow chart of an access method according to an embodiment of the present application;
fig. 5 is a schematic flow chart of an access method according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an access device according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an access device according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of another communication system according to an embodiment of the present application.
Detailed Description
The following describes in detail an access method, an access device and a storage medium of a management server according to an embodiment of the present application with reference to the accompanying drawings.
The term "and/or" is herein merely an association relationship describing an associated object, meaning that there may be three relationships, e.g., a and/or B, may represent: a exists alone, A and B exist together, and B exists alone.
The terms "first" and "second" and the like in the description and in the drawings are used for distinguishing between different objects or between different processes of the same object and not for describing a particular order of objects.
Furthermore, references to the terms "comprising" and "having" and any variations thereof in the description of the present application are intended to cover a non-exclusive inclusion. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed but may optionally include other steps or elements not listed or inherent to such process, method, article, or apparatus.
It should be noted that, in the embodiments of the present application, words such as "exemplary" or "such as" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "e.g." in an embodiment should not be taken as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.
In the description of the present application, unless otherwise indicated, the meaning of "a plurality" means two or more.
Before describing embodiments of the present application, the terms in the embodiments of the present application will be explained.
Security software: may also be referred to as terminal device security software, may be used to detect and remove viruses, worms and trojan horse programs from the terminal device. The terminal equipment security software generally has functions of real-time program monitoring and identification, malicious program scanning, cleaning, virus database automatic updating and the like. The terminal equipment security software also has the functions of damage recovery and the like.
Terminal equipment security software is an important component of terminal equipment defense systems (including terminal equipment security software, firewalls, trojan horse programs and other malware protection and deletion programs, intrusion prevention systems, etc.). The terminal equipment security software can monitor the operation of the terminal equipment in real time and scan whether the operating system of the terminal equipment contains malicious programs such as viruses. The terminal device security software may be booted via the operating system followed by a resident program boot (e.g., a boot-up boot).
The terminal device security software may have different techniques for immediate monitoring. For example, the terminal device security software may use a portion of the memory of the terminal device to compare the data characteristics of the program being run by the terminal device with the virus database to determine whether the program being run by the terminal device is a malicious program. For another example, the terminal device security software may also use a portion of the memory of the terminal device to simulate actions allowed by the operating system or the terminal device, so that the tested program runs the requirements of the internal code. The security software of the installation terminal equipment can judge whether the tested program is a malicious program according to the action of the tested program.
As more and more terminal devices need to be managed by enterprises, most terminal device security software of the terminal devices adopts a client/server architecture to realize multi-terminal device management. Under such architecture, one management server can manage only one area of terminal devices. However, some areas where the terminal devices are located are not fixed, and scenes where the terminal devices move between different areas exist. When a terminal device moves from one area to another, the management server to which the terminal device has access changes, but how to enable the terminal device to quickly access the corresponding area management server when the terminal device is in a different area becomes a problem to be solved.
For the above problems, the following two solutions can be adopted:
1. the terminal devices of the management server that need to access the area are manually migrated by the administrator. But this approach is inefficient and does not meet the need for fast switching.
2. When the terminal equipment roams to another area, if the information such as network segment of the terminal equipment is found to change, the terminal equipment can ask the roaming server for the information of all management servers, and inquire the information of the management server of the area according to the information and access the management server of the area.
However, this approach requires additional deployment of the roaming server, which is costly.
In view of this, an embodiment of the present application provides an access method for a management server, including:
the terminal equipment responds to the first login operation and sends first request information to the authentication server, wherein the first request information is used for requesting a management server of the area where the access terminal equipment is currently located. The authentication server may verify the terminal device after receiving the first request information from the terminal device. And under the condition that the verification of the terminal equipment is passed, the authentication server can detect whether the terminal equipment has a configuration file corresponding to a preset protocol. If the authentication server detects that the terminal equipment has a configuration file corresponding to a preset protocol, based on the preset protocol, first indication information is sent to the terminal equipment, wherein the first indication information is used for indicating a target management server, and the target management server is a management server of an area where the terminal equipment is currently located. Further, the terminal device may determine the accessed management server after receiving the first instruction information from the authentication server.
An access method (hereinafter referred to as an access method) of a management server according to an embodiment of the present application is described below with reference to the accompanying drawings.
The access method provided by the embodiment of the present application may be applied to the communication system shown in fig. 1, and as shown in fig. 1, the communication system 10 may include a terminal device 11, an authentication server 12, a management server 13, and a management server 14. The terminal device 11 is communicatively connected to the authentication server 12, the management server 13, and the management server 14, respectively. The management server 13 and the management server 14 may be communicatively connected to the authentication server 12. For example, a wireless communication connection is possible.
The architecture between the terminal device 11 and the management server 13, and the architecture between the terminal device 11 and the management server 14 may be referred to as a client/management server architecture (abbreviated as C/S architecture), or a master-slave architecture. Through this architecture, clients can be distinguished from management servers.
The C/S architecture is a network architecture in which a client is a personal computer (personal computer, PC) or workstation on which a user runs an application program, and relies on a management server to obtain resources. The C/S architecture reduces network traffic by providing query responses rather than total file transfers. It allows multi-terminal devices to update to the shared database through a graphical user interface (graphical user interface, GUI). The client and the management server generally communicate by remote call or standard query language statement.
The terminal device 11 may be configured to download and install security software, and may further register a preset protocol. The terminal device 11 may access the management server securely based on the preset protocol. For example, the terminal device 11 may be a computer, a personal computer, a notebook, or the like. The terminal device 11 comprises preset security software (which may also be referred to as a client).
The authentication server 12 is configured to detect whether or not a preset protocol exists in the terminal device 11, and in the case where the terminal device 11 has the preset protocol, send the internet protocol (internet protocol, IP) address and port information of the management server of the area where the terminal device 11 is located to the terminal device 11.
The management server 13 and the management server 14 are respectively used for managing the terminal devices in the preset areas, and providing data resources for the terminal devices in the preset areas. For example, the management server 13 may be used to manage the terminal devices within the first preset area. The management server 14 may be used to manage the terminal devices within the second preset area. The first preset area and the second preset area are different areas.
It should be noted that, when the terminal device moves from the first preset area to the second preset area, the terminal device needs to acquire the data resource through the management server 14, but the terminal device is not registered in the area where the management server 14 is located. That is, the terminal device needs to acquire data resources from the management server 14 by roaming across servers. At this time, the management server 14 may be referred to as a cross-domain server. Wherein the mobile means a change in the geographical location of the terminal device and the roaming means that the terminal device is connected to a management server not belonging to the terminal device registry.
It should be noted that fig. 1 is only an exemplary architecture, and the access system may further include other functional units besides the functional units shown in fig. 1, which is not limited by the embodiment of the present application.
In particular implementations, each device in fig. 1 may employ the constituent structure shown in fig. 2, or include the components shown in fig. 2. Fig. 2 is a schematic diagram of an access device 20 according to an embodiment of the present application, where the access device 20 includes a processor 201, a communication interface 202, a communication line 203, and a memory 204.
The processor 201 may be a CPU, general purpose processor network processor (network processor, NP), digital signal processor (digital signal processing, DSP), microprocessor, microcontroller, programmable logic device (programmable logic device, PLD), or any combination thereof, among others. The processor 201 may also be other devices with processing functions, such as, without limitation, circuits, devices, or software modules. In one example, processor 201 may include one or more CPUs, such as CPU0 and CPU1 in fig. 2.
Communication interface 202 is used for data processing with other devices or other data processing networks. The other data processing network may be an ethernet, a radio access network (radio access network, RAN) device, a wireless local area network (wireless local area networks, WLAN), etc. The communication interface may be a module, a circuit, a data processing interface, or any device capable of performing data processing.
Communication lines 203 for communicating messages between the various components included in the access system.
Memory 204 for storing instructions. Wherein the instructions may be computer programs.
The memory 204 may be, but is not limited to, a read-only memory (ROM) or other type of static storage device capable of storing static messages and/or instructions, a random access memory (random access memory, RAM) or other type of dynamic storage device capable of storing messages and/or instructions, an EEPROM, a CD-ROM (compact disc read-only memory) or other optical disk storage, an optical disk storage (including compact disk, laser disk, optical disk, digital versatile disk, blu-ray disk, etc.), a magnetic disk storage medium or other magnetic storage device, etc.
It should be noted that the memory 204 may exist separately from the processor 201 or may be integrated with the processor 201. Memory 204 may be used to store instructions or program code or some network data, etc. Memory 302 may be located within access device 20 or may be located outside of access device 20, without limitation. The processor 201 is configured to execute instructions stored in the memory 204 to implement an access method according to the following embodiments of the present application.
As an alternative implementation, the access device 20 comprises a plurality of processors, e.g. in addition to the processor 201 in fig. 2, a processor 207 may be included.
As an alternative implementation, the access apparatus 20 further comprises an output device 205 and an input device 206. Illustratively, the input device 206 is a keyboard, mouse, microphone, or joystick device, and the output device 205 is a display screen, speaker (spaker), or the like.
In the embodiment of the application, the chip system can be composed of chips, and can also comprise chips and other discrete devices.
Further, actions, terms, and the like, which are referred to between embodiments of the present application, are not limited thereto. The message names of interactions between the devices or parameter names in the messages in the embodiments of the present application are just an example, and other names may be used in specific implementations without limitation.
The access method provided by the embodiment of the application can be applied to the access device shown in the foregoing fig. 1 or fig. 2.
The implementation subject of the access method provided by the application is an authentication server, and may be a chip or a system on a chip in the authentication server, and the like, without limitation.
As shown in fig. 3, an access method provided by an embodiment of the present disclosure may include: S301-S304.
S301, responding to a first login operation, the terminal device sends first request information to an authentication server, and correspondingly, the authentication server receives the first request information from the terminal device.
The terminal device may be the terminal device 11 in fig. 1, or a device, such as a chip, in the terminal device 11, or a client in the terminal device 11. The authentication server may be the authentication server 12 in fig. 1, or may be a device, such as a chip, in the authentication server 12.
The first login operation may be an operation that a user inputs an account and a corresponding password through an authentication interface.
In one example, after the terminal device accesses the network of the preset area, the data resource can be acquired through the public network only if the terminal device has the authority to use the network. The network may be an intranet (e.g., an office area network). For example, the user may input an account and a corresponding password through a login interface corresponding to the public network. The authentication interface may be associated with an authentication server.
It should be noted that, if the terminal device does not have the authority to use the network, the browser may be automatically redirected to the login interface in response to an operation of opening the browser of the terminal device. For example, the automatic redirection procedure may be: in response to a user's operation of inputting and accessing a URL using a preset browser, the terminal device transmits a request message to the gateway, the request message may include IP address information of the terminal device and the URL; after receiving the request information from the terminal equipment, the gateway equipment detects whether the IP address of the terminal equipment has the authority to use the network; if not, the gateway can feed back first login page information to the terminal device through a domain name system (domain name system, DNS), wherein the first login page information can be used for associating a login page, for example, a link of the login page can be included; after receiving the first login page, the terminal equipment can display a login interface through a browser.
The first request information is used for requesting to acquire required data through a network of the area. For example, the first request information may include a target account number and a corresponding password.
As a possible implementation manner, the terminal device may input the account number and the corresponding password on a login interface of a preconfigured browser. In response to the user clicking the "ok" button of the login interface, the terminal device may send first indication information to the authentication server.
S302, detecting whether the terminal equipment has a configuration file corresponding to a preset protocol or not by the authentication server under the condition that the target account passes verification.
The target account verification may be that the authentication server determines that the account and the corresponding password in the first request information are correct. For example, the authentication server may be preconfigured with a plurality of accounts and a password corresponding to each account. If the account number in the first request information is consistent with the corresponding password, the account number stored in the authentication server and the corresponding password, determining that the verification of the target account number is passed; otherwise, determining that the target account number is not verified.
It should be noted that, in the case that the target account number is not verified, the terminal device may access the network, but cannot use the network to obtain data from other devices/servers.
The preset protocol can be used for the terminal equipment to safely access the target management server.
In one example, the preset protocol may be a terminal device security protocol. The format of the face protocol may be as follows:
osce://{action}/{key1=value1}&{key2=value2}。
wherein, action represents action to be done, and key and value respectively represent different parameter information. For example, when the terminal device registers with the authentication server, the preset protocol may be as follows:
osce://register/serverIP=10.21.142.12 1&serverPort=8080。
wherein, the register of the preset protocol represents registration, serverip= 10.21.142.121 is IP address information of the authentication server, and service Port (serverport) =8080 is Port information of the authentication server.
In one possible implementation manner, the authentication server may send a third indication information to the terminal device, where the third indication information is used to instruct the terminal device to detect whether the terminal device has a configuration file corresponding to a preset protocol. The terminal device may send the first feedback information to the authentication server after receiving the third indication information sent by the authentication server. Correspondingly, the authentication server receives first feedback information from the terminal equipment, wherein the first feedback information is used for indicating whether the terminal equipment has a configuration file corresponding to a preset protocol.
For example, if the first feedback message includes the first indicator, the authentication server may determine that the terminal device has a configuration file corresponding to a preset protocol. If the first feedback message does not include the first indicator, the authentication server may determine that the terminal device does not have a configuration file corresponding to the preset protocol.
The first indicator may be used to indicate that the terminal device has a configuration file corresponding to a preset protocol or that the terminal device has registered the preset protocol. The first indicator may be a number, a letter, or a combination of numbers and letters.
The terminal device may detect whether the terminal device has a configuration file corresponding to a preset protocol by detecting whether the terminal device pre-configures one or more of a browser having a preset tag, a preset URL, and whether a preset event is generated. The preset browser corresponding to the terminal device may be a Firefox (Firefox) browser, google browser, IE browser, and other types of browsers, which are not limited herein.
For example, if the browser preconfigured by the terminal device is a fire fox browser, when the terminal device registers a preset protocol, the fire fox browser may be instructed to temporarily generate an iFrame tag and set a uniform resource locator (uniform resource locator, URL) of the iFrame to a preset URL. Subsequently, in the case where the terminal device needs to detect whether to register the preset protocol (e.g., when receiving an instruction from the authentication server to feed back whether to register the preset protocol), if the terminal device detects the preset URL, the terminal device may send first feedback information with the first indicator to the authentication server. If the terminal device does not detect that the preset URL exists, the terminal device may send first feedback information without the first indicator to the authentication server.
For another example, if the browser preconfigured by the terminal device is a google browser, when the terminal device registers a preset protocol, the terminal device may instruct the google browser to modify the URL of the login page/window into the protocol format of the preset protocol. Subsequently, if the terminal device can monitor that the google browser generates a blu event under the condition that the terminal device needs to detect whether to register the preset protocol, the first feedback information with the first indicator can be sent to the authentication server. If the terminal device does not monitor that the google browser generates a blast event, the terminal device may send first feedback information without the first indicator to the authentication server.
For another example, if the browser preconfigured by the terminal device is an IE browser, when the terminal device registers a preset protocol, the terminal device may instruct the IE browser to temporarily generate an iFrame tag, and set the URL of the iFrame tag to be a preset URL. Subsequently, if the terminal device can monitor that the IE browser generates the blast event information under the condition that the terminal device needs to detect whether to register the preset protocol, the first feedback information with the first indicator can be sent to the authentication server. If the terminal device cannot monitor that the IE browser generates the blast event, the first feedback information without the first indicator can be sent to the authentication server.
S303, if the terminal equipment is detected to have the configuration file corresponding to the preset protocol, the authentication server sends first indication information to the terminal equipment based on the preset protocol. Correspondingly, the terminal device receives a first indication message from the authentication server.
The first indication information is used for indicating the target management server. For example, the first indication information may include: IP address of the target management server, port of the target management server, and the like. The target management server is a management server of the area where the terminal equipment is currently located. For example, it may be the management server 14 in fig. 1.
The authentication server sending the first indication information to the terminal device based on the preset protocol may be that the authentication server encapsulates the first indication information into a format of the preset protocol, and sends the encapsulated first indication information to the terminal device.
For example, in combination with the above-mentioned service protocol, the first indication information after encapsulation may be as follows:
osce://access/serverIP=10.21.142.13&serverPort=121。
wherein access represents access, serverip= 10.21.142.13 is IP address information of the target management server, and serverport=121 is port information of the target management server.
Further, in order to ensure the security of the indication information, the authentication server may encrypt the first indication information by using a preset encryption key, sign the encrypted first indication information, obtain first message data, and send the first message data to the sending terminal device. The preset encryption key may be preconfigured by the authentication server.
After receiving the first message data from the authentication server, the terminal device can verify the signature of the first message data, and decrypt the first data packet by using a preset decryption key under the condition that the signature of the first message data is correct, so as to obtain first indication information. Wherein the preset decryption key corresponds to the preset encryption key.
It should be noted that the preset encryption key and the preset decryption key may be symmetric keys or asymmetric passwords, which are not limited.
S304, the terminal equipment sends first access request information to the target management server under the condition that the target management server meets the preset condition. Correspondingly, the target management server receives first access request information sent by the terminal equipment.
The preset condition may be used to determine whether to access the target management server. For example, the preset conditions may include: the information of the target management server is the same as the information of the first management server, or when the information of the target management server is different from the information of the first management device, the time difference between the time when the terminal device accesses the first management server and the current time is greater than the preset duration. The information of the management server may include one or more of IP information, identification, port information of the management server. The first management server may be a management server to which the terminal device is connected in a first preset period. The first preset period is a period before the current time.
The first access request information is used for requesting to access the target management server. For example, the first access request information may include: one or more of a globally unique identifier (globally unique Identifier, GUID) of a preset security procedure in the terminal device, a media access control (media access control address, mac) address, an IP address, a preset security procedure version number, an engine model version number, information of a target management server.
According to the technical scheme provided by the embodiment of the application, the authentication server verifies the terminal equipment after receiving the first request information from the terminal equipment, wherein the first request information is used for requesting the management server of the area where the access terminal equipment is currently located. And under the condition that the verification of the terminal equipment is passed, the authentication server detects whether the terminal equipment has a configuration file corresponding to a preset protocol. If the terminal equipment is detected to have the configuration file corresponding to the preset protocol, the authentication server sends first indication information to the terminal equipment based on the preset protocol, wherein the first indication information is used for indicating a target management server, and the target management server is a management server of an area where the terminal equipment is currently located. Because the preset protocol is used for the terminal equipment to safely access the target management server, the authentication server can send the information of the management server in the current area of the terminal equipment to the terminal equipment through the preset protocol. After receiving the information of the management server at the current position, the terminal equipment can automatically migrate and access, and the whole process does not need any operation of a user, so that the non-perception cross-server roaming is realized, and the efficiency of accessing the management server is improved.
In a possible embodiment, as shown in fig. 4, the method provided in the embodiment of the present application may further include the following S401:
s401, if the terminal equipment is detected not to have the configuration file corresponding to the preset protocol, the authentication server sends second indication information to the terminal equipment. Correspondingly, the terminal equipment receives the second indication information sent by the authentication server.
The second indication information is used for indicating the terminal equipment to install a preset security program so that the terminal equipment registers a preset protocol. For example, the second indication information includes first link information associated with a preset security program. The preset security program is used for monitoring whether the terminal equipment has a malicious program or not. Specifically, the function of the preset security program may refer to the description in the above explanation of nouns, and will not be repeated.
Further, the terminal device may obtain an installation package of the preset security program through the first link information, and after the terminal device starts the installation package, if the terminal device detects a registry or a protocol header having the preset security program, it may determine that the preset security program has been installed. In the case of determining that the terminal device has installed the preset security program, the terminal device may compare version information (e.g., version update time, version number) of the installation package with version information of the preset security program that has been installed, and if the version information of the installation package is inconsistent with the version information of the preset security program that has been installed, the terminal device may update/upgrade the preset security program that has been installed through the installation package.
In the embodiment of the present application, when the terminal device registers the preset protocol, different preset protocol registration methods may be used according to the preset operating system. Terminal devices of different operating systems have different preset protocol registration methods. For example, the operating system may include a Windows operating system, a Mac operating system. The following describes the pre-protocol registration method corresponding to the two operating systems respectively.
1. When the operating system of the terminal equipment is a Windows operating system, the terminal equipment can write the configuration file corresponding to the preset protocol into the HKEY_CURRENT_USER\Software\classes table item.
2. When the operating system of the terminal device is a Mac operating system, the terminal device may put a configuration file corresponding to a preset protocol into a URL Schemes box in the development tool Xcode.
Therefore, when the terminal equipment is detected not to have the configuration file corresponding to the preset protocol, the authentication server sends the second indication information to the terminal equipment, so that the terminal equipment can be better guided to be connected with the management server.
In a possible embodiment, as shown in fig. 5, in the foregoing method for accessing a management server according to the embodiment of the present application, in the case where a target management server meets a preset condition in S304, a method for sending, by a terminal device, first access request information to the target management server may specifically include the following steps S3041 to S3045:
S3041, the terminal equipment judges whether the target management server is the first management server.
The first management server is a management server accessed by the terminal equipment in a first preset time period, wherein the first preset time period is a previous time period before the current time.
S3042, if the target management server is the first management server, the terminal device sends first access request information to the target management server.
S3043, if the target management server is not the first management server, the terminal device judges whether the time difference between the time of accessing the first management server and the current time is greater than the preset duration.
The preset duration may be preset, for example, may be 10 minutes.
As a possible implementation manner, the terminal device may compare the time stamp recorded when accessing the first management server with the current time to determine whether the time difference between the time when accessing the first management server and the current time is greater than the preset duration.
S3044, if the time difference between the time when the terminal device accesses the first management server and the current time is greater than the preset duration, the terminal device sends first access request information to the target management server.
Further, after the target management server receives the first access request information from the terminal device, it may be determined whether to allow the access of the terminal device.
For example, if the target management server determines that the terminal device is a newly accessed terminal device and the terminal device is a legal device, the target management server may perform a synchronization information operation, where the synchronization information operation may be: and configuring the scanning frequency, the scanning strategy and the like of preset security software in the terminal equipment.
S3045, if the time difference between the time when the terminal device accesses the first management server and the current time is smaller than the preset duration, the terminal device gives up accessing the target management server.
Therefore, the client can meet the cross-server access requirement, and meanwhile, the frequent registration of some clients is avoided, and the server resources are wasted.
The embodiment of the application can divide the functional modules or functional units of the server according to the method example, for example, each functional module or functional unit can be divided corresponding to each function, or two or more functions can be integrated in two modules. The integrated modules may be implemented in hardware, or in software functional modules or functional units. The division of the modules or units in the embodiment of the present application is schematic, which is merely a logic function division, and other division manners may be implemented in practice.
Fig. 6 shows a schematic diagram of one possible architecture of the access device involved in the above embodiment. As shown in fig. 6, the access device 50 includes: a receiving unit 501, a detecting unit 502, and a transmitting unit 503.
The receiving unit 501 is configured to receive first request information from a terminal device that logs in a target account, where the first request information includes the target account and a corresponding password. For example, as shown in fig. 3, the receiving unit 501 may be used to perform S301.
And the detecting unit 502 is configured to detect whether the terminal device has a configuration file corresponding to a preset protocol if the terminal device passes the verification. For example, as shown in fig. 3, the detection unit 502 may be used to perform S302.
The sending unit 503 is configured to send, after detecting that the terminal device has a configuration file corresponding to a preset protocol, first indication information to the terminal device based on the preset protocol, where the preset protocol is used for the terminal device to safely access to a target management server, and the first indication information is used for indicating the target management server, where the target management server is a management server in an area where the terminal device is currently located. For example, as shown in fig. 3, the transmission unit 503 may be used to perform S303.
In a possible design, the detection unit 502 is specifically configured to: sending third indication information to the terminal equipment, wherein the third indication information is used for indicating the terminal equipment to detect whether the terminal equipment has a configuration file corresponding to a preset protocol or not; and receiving first feedback information from the terminal equipment, wherein the first feedback information is used for indicating whether the terminal equipment has a configuration file corresponding to a preset protocol. For example, as shown in fig. 3, the detection unit 502 may be used to perform S304.
In a possible design, the sending unit 503 is further configured to send, when detecting that the terminal device does not have a configuration file corresponding to the preset protocol, second instruction information to the terminal device, where the second instruction information is used to instruct the terminal device to install the preset security program, so that the terminal device registers the preset protocol, and the preset security program is used to monitor whether the terminal device has a malicious program. For example, as shown in fig. 4, the transmission unit 503 may be used to perform S401.
Fig. 7 shows a schematic diagram of one possible architecture of the access device involved in the above embodiment. As shown in fig. 7, the access device 60 includes: a transmitting unit 601 and a receiving unit 602.
And the sending unit 601 is configured to send, in response to the first login operation, first request information to the authentication server, where the first request information includes the target account number and a corresponding password.
The receiving unit 602 is configured to receive first indication information from the authentication server, where the first indication information is used to indicate the target management server, the first indication information is sent by the authentication server when it is determined that the terminal device has a configuration file of a preset protocol, the preset protocol is used for the terminal device to safely access to the target management server, and the target management server is a management server in an area where the terminal device is currently located.
The sending unit 601 is further configured to send the first access request information to the target management server if the target management server meets a preset condition.
In a possible design, as shown in fig. 7, the access device 60 further comprises a processing unit 603; a receiving unit 602, configured to receive second instruction information from the authentication server, where the second instruction information is used to instruct the terminal device to install a preset security program, and the second instruction information includes first link information, where the first link information is associated with the preset security program; the processing unit 603 is configured to obtain and install a preset security program corresponding to an operating system of the terminal device according to the first link information, and register a preset protocol.
In a possible design, the sending unit 601 is further configured to send, if the target management server is a first management server, first access request information to the target management server, where the first management server is a management server that is accessed by the terminal device in a first preset period of time; the first preset time period is before a time period before the current time; the sending unit 601 is further configured to send first access request information to the target management server when the target management server is not the first management server and a time difference between a time when the terminal device accesses the first management server and a current time is greater than a preset duration.
In a possible embodiment, as shown in fig. 8, the embodiment of the present application further provides a communication system 70, where the communication system 70 can authenticate the server 701 and the terminal device 702. The authentication server 701 may be used to perform S301 and S304 in fig. 3 described above, and the terminal device 702 may be used to perform S302, S303 in fig. 3 described above, and S401 in fig. 4.
From the foregoing description of the embodiments, it will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of functional modules is illustrated, and in practical application, the above-described functional allocation may be implemented by different functional modules according to needs, i.e. the internal structure of the apparatus is divided into different functional modules to implement all or part of the functions described above. The specific working processes of the above-described systems, devices and units may refer to the corresponding processes in the foregoing method embodiments, which are not described herein.
An embodiment of the present application provides a computer program product containing instructions, which when run on a computer, cause the computer to perform the method for accessing a management server according to the above method embodiment.
The embodiment of the application also provides a computer readable storage medium, in which instructions are stored, when the access device of the management server executes the instructions, the access device of the management server executes each step executed by the access device of the management server in the method flow shown in the method embodiment.
The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access Memory (Random Access Memory, RAM), a Read-Only Memory (ROM), an erasable programmable Read-Only Memory (Erasable Programmable Read Only Memory, EPROM), a register, a hard disk, an optical fiber, a portable compact disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing, or any other form of computer readable storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an application specific integrated circuit (Application Specific Integrated Circuit, ASIC). In embodiments of the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The foregoing is merely illustrative of specific embodiments of the present application, and the scope of the present application is not limited thereto, but any changes or substitutions within the technical scope of the present application should be covered by the scope of the present application. Therefore, the protection scope of the present application should be subject to the protection scope of the claims.

Claims (6)

1. An access method of a management server, applied to a terminal device, the method comprising:
responding to a first login operation, and sending first request information to an authentication server, wherein the first request information comprises a target account number and a corresponding password;
receiving first indication information from the authentication server, wherein the first indication information is used for indicating a target management server, the first indication information is sent by the authentication server under the condition that the authentication server determines that the terminal equipment has a configuration file with a preset protocol, the preset protocol is used for enabling the terminal equipment to safely access the target management server, and the target management server is a management server of an area where the terminal equipment is currently located;
under the condition that the target management server meets a preset condition, first access request information is sent to the target management server;
And accessing the target management server under the condition that the target management server meets the preset condition, comprising:
if the target management server is a first management server, the first access request information is sent to the target management server, wherein the first management server is a management server accessed by the terminal equipment in a first preset time period, and the first preset time period is a time period before the current time;
and if the target management server is not the first management server and the time difference between the time when the terminal equipment is accessed to the first management server and the current time is greater than a preset duration, sending first access request information to the target management server.
2. The method according to claim 1, wherein the method further comprises:
receiving second indication information from the authentication server, wherein the second indication information is used for indicating the terminal equipment to install a preset security program, the second indication information comprises first link information, and the first link information is associated with the preset security program;
and acquiring and installing a preset security program corresponding to an operating system of the terminal equipment according to the first link information, and registering the preset protocol.
3. An access device for a management server, applied to a terminal device, comprising: a transmitting unit and a receiving unit;
the sending unit is used for responding to a first login operation and sending first request information to the authentication server, wherein the first request information comprises a target account number and a corresponding password;
the receiving unit is configured to receive first indication information from the authentication server, where the first indication information is used to indicate a target management server, where the first indication information is sent by the authentication server when it is determined that the terminal device has a configuration file with a preset protocol, where the preset protocol is used for the terminal device to safely access the target management server, and the target management server is a management server in an area where the terminal device is currently located;
the sending unit is further configured to send first access request information to the target management server if the target management server meets a preset condition;
the sending unit is further configured to send the first access request information to the target management server when the target management server is a first management server, where the first management server is a management server that the terminal device accesses in a first preset time period; the first preset time period is the time period before the current time;
The sending unit is further configured to send first access request information to the target management server when the target management server is not the first management server, and a time difference between the time when the terminal device accesses the first management server and the current time is greater than a preset duration.
4. The access device of claim 3, further comprising a processing unit;
the receiving unit is used for receiving second indication information from the authentication server, the second indication information is used for indicating the terminal equipment to install a preset security program, the second indication information comprises first link information, and the first link information is associated with the preset security program;
the processing unit is configured to acquire and install a preset security program corresponding to an operating system of the terminal device according to the first link information, and register the preset protocol.
5. A terminal device, characterized in that the terminal device comprises: a processor, a communication interface, and a memory; wherein the memory is adapted to store one or more programs, the one or more programs comprising computer-executable instructions that, when executed by the terminal device, cause the terminal device to perform the method of claim 1 or 2.
6. A computer readable storage medium storing one or more programs, wherein the one or more programs comprise instructions, which when executed by a computer, cause the computer to perform the method of claim 1 or 2.
CN202210128933.3A 2022-02-11 2022-02-11 Access method, device, equipment and storage medium of management server Active CN114629683B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210128933.3A CN114629683B (en) 2022-02-11 2022-02-11 Access method, device, equipment and storage medium of management server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210128933.3A CN114629683B (en) 2022-02-11 2022-02-11 Access method, device, equipment and storage medium of management server

Publications (2)

Publication Number Publication Date
CN114629683A CN114629683A (en) 2022-06-14
CN114629683B true CN114629683B (en) 2023-09-05

Family

ID=81898125

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210128933.3A Active CN114629683B (en) 2022-02-11 2022-02-11 Access method, device, equipment and storage medium of management server

Country Status (1)

Country Link
CN (1) CN114629683B (en)

Citations (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1335719A (en) * 2000-06-12 2002-02-13 索尼公司 Image content providing reproducting method, system, equipment and its storage media
CN1553741A (en) * 2003-05-30 2004-12-08 ��Ϊ�������޹�˾ Method and system for providing user network roam
CN101272627A (en) * 2008-04-30 2008-09-24 杭州华三通信技术有限公司 Network access control method and apparatus for implementing roaming
CN101448138A (en) * 2008-12-29 2009-06-03 深圳市同洲电子股份有限公司 Method, system and server for inserting video advertisement
CN101656959A (en) * 2009-09-10 2010-02-24 中兴通讯股份有限公司 Method, apparatus and system for obtaining MN-HA key in HA of PMIP
CN101958846A (en) * 2010-11-03 2011-01-26 北京北信源软件股份有限公司 Method for client roaming across servers
CN101990202A (en) * 2009-07-29 2011-03-23 中兴通讯股份有限公司 Method for updating user policy and application server
CN102761525A (en) * 2011-04-28 2012-10-31 中国电信股份有限公司 IMS (IP multimedia subsystem) fixed terminal, management server, roaming control method and roaming control system
CN102843437A (en) * 2012-09-17 2012-12-26 北京星网锐捷网络技术有限公司 Conversion method and device for webpage application and network device
CN105530644A (en) * 2016-02-19 2016-04-27 上海斐讯数据通信技术有限公司 Wireless authentication method and system
JP2016096440A (en) * 2014-11-13 2016-05-26 キヤノン株式会社 Video image coded data transmission device, management device, and program
CN105991576A (en) * 2015-02-10 2016-10-05 杭州华三通信技术有限公司 Issuing method of safety strategy and equipment thereof
JP2016213709A (en) * 2015-05-11 2016-12-15 株式会社Nttドコモ Moving image reproduction system, client device, server device, and program
CN106899642A (en) * 2015-12-21 2017-06-27 阿里巴巴集团控股有限公司 A kind of Internet of Things link management method and equipment
CN106961377A (en) * 2016-01-12 2017-07-18 北大方正集团有限公司 Message synchronization method and message synchronization system
CN108063840A (en) * 2018-01-23 2018-05-22 广东欧珀移动通信有限公司 Access the method and Related product of network
CN108234569A (en) * 2016-12-21 2018-06-29 青岛祥智电子技术有限公司 A kind of method of client roaming across servers
CN111314343A (en) * 2020-02-18 2020-06-19 中国联合网络通信集团有限公司 Account management method and device and readable storage medium
CN112583799A (en) * 2020-12-03 2021-03-30 深圳市镜玩科技有限公司 Processing method, related device, equipment and medium for registered account
CN112671778A (en) * 2020-12-25 2021-04-16 北京百度网讯科技有限公司 Account management method, account management device, account management equipment and storage medium for electronic equipment
CN113938919A (en) * 2021-09-03 2022-01-14 中国联合网络通信集团有限公司 Data analysis method and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004062402A (en) * 2002-07-26 2004-02-26 Fujitsu Ltd Timeout management system, timeout management server and timeout management program
JP2015184718A (en) * 2014-03-20 2015-10-22 富士通株式会社 Start management apparatus, start management method, and start management program
US11057134B2 (en) * 2018-12-20 2021-07-06 Viamedia, Inc. Integrating digital advertising with cable tv network and broadcast advertising

Patent Citations (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1335719A (en) * 2000-06-12 2002-02-13 索尼公司 Image content providing reproducting method, system, equipment and its storage media
CN1553741A (en) * 2003-05-30 2004-12-08 ��Ϊ�������޹�˾ Method and system for providing user network roam
CN101272627A (en) * 2008-04-30 2008-09-24 杭州华三通信技术有限公司 Network access control method and apparatus for implementing roaming
CN101448138A (en) * 2008-12-29 2009-06-03 深圳市同洲电子股份有限公司 Method, system and server for inserting video advertisement
CN101990202A (en) * 2009-07-29 2011-03-23 中兴通讯股份有限公司 Method for updating user policy and application server
CN101656959A (en) * 2009-09-10 2010-02-24 中兴通讯股份有限公司 Method, apparatus and system for obtaining MN-HA key in HA of PMIP
CN101958846A (en) * 2010-11-03 2011-01-26 北京北信源软件股份有限公司 Method for client roaming across servers
CN102761525A (en) * 2011-04-28 2012-10-31 中国电信股份有限公司 IMS (IP multimedia subsystem) fixed terminal, management server, roaming control method and roaming control system
CN102843437A (en) * 2012-09-17 2012-12-26 北京星网锐捷网络技术有限公司 Conversion method and device for webpage application and network device
JP2016096440A (en) * 2014-11-13 2016-05-26 キヤノン株式会社 Video image coded data transmission device, management device, and program
CN105991576A (en) * 2015-02-10 2016-10-05 杭州华三通信技术有限公司 Issuing method of safety strategy and equipment thereof
JP2016213709A (en) * 2015-05-11 2016-12-15 株式会社Nttドコモ Moving image reproduction system, client device, server device, and program
CN106899642A (en) * 2015-12-21 2017-06-27 阿里巴巴集团控股有限公司 A kind of Internet of Things link management method and equipment
CN106961377A (en) * 2016-01-12 2017-07-18 北大方正集团有限公司 Message synchronization method and message synchronization system
CN105530644A (en) * 2016-02-19 2016-04-27 上海斐讯数据通信技术有限公司 Wireless authentication method and system
CN108234569A (en) * 2016-12-21 2018-06-29 青岛祥智电子技术有限公司 A kind of method of client roaming across servers
CN108063840A (en) * 2018-01-23 2018-05-22 广东欧珀移动通信有限公司 Access the method and Related product of network
CN111314343A (en) * 2020-02-18 2020-06-19 中国联合网络通信集团有限公司 Account management method and device and readable storage medium
CN112583799A (en) * 2020-12-03 2021-03-30 深圳市镜玩科技有限公司 Processing method, related device, equipment and medium for registered account
CN112671778A (en) * 2020-12-25 2021-04-16 北京百度网讯科技有限公司 Account management method, account management device, account management equipment and storage medium for electronic equipment
CN113938919A (en) * 2021-09-03 2022-01-14 中国联合网络通信集团有限公司 Data analysis method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于WebService的动态NDS应用研究;徐文 王华军;电脑与电信(第11期);全文 *

Also Published As

Publication number Publication date
CN114629683A (en) 2022-06-14

Similar Documents

Publication Publication Date Title
US10291631B2 (en) System for testing computer application
US10686758B2 (en) Elastic outbound gateway
US11888890B2 (en) Cloud management of connectivity for edge networking devices
US9231973B1 (en) Automatic intervention
EP3499839B1 (en) Mobile device management and security
EP2907289B1 (en) Providing virtualized private network tunnels
US11663030B2 (en) Extending expiration of user sessions with authentication refresh
US7966650B2 (en) Dynamic internet address assignment based on user identity and policy compliance
US20090217346A1 (en) Dhcp centric network access management through network device access control lists
KR20190015273A (en) Hardware-based virtualized security isolation techniques
EP3298527A1 (en) Secured access control to cloud-based applications
US11792194B2 (en) Microsegmentation for serverless computing
US20220201041A1 (en) Administrative policy override in microsegmentation
US11588859B2 (en) Identity-based enforcement of network communication in serverless workloads
CN114629683B (en) Access method, device, equipment and storage medium of management server
Kalil Policy Creation and Bootstrapping System for Customer Edge Switching
US20240129297A1 (en) Domain ownership verification for a ztna service platform
US20240129310A1 (en) Hybrid appliance for zero trust network access to customer applications
US20240129278A1 (en) Dynamic routing of application traffic to ztna connectors
US20240129277A1 (en) Alias domains for accessing ztna applications
US20240129296A1 (en) Cloud-based zero trust network access service
US20240126868A1 (en) Validation of ztna configuration for a multi-tenant proxy environment
WO2023069129A1 (en) Network appliances for secure enterprise resources
Frank Securing Smart Homes with OpenFlow: Feasibility, Implementation, and Performance
WO2024081014A1 (en) Cloud-based zero trust network access services

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant