CN115580468A - Industrial internet safety system and method based on SDP and edge calculation - Google Patents

Industrial internet safety system and method based on SDP and edge calculation Download PDF

Info

Publication number
CN115580468A
CN115580468A CN202211209878.7A CN202211209878A CN115580468A CN 115580468 A CN115580468 A CN 115580468A CN 202211209878 A CN202211209878 A CN 202211209878A CN 115580468 A CN115580468 A CN 115580468A
Authority
CN
China
Prior art keywords
sdp
edge
industrial internet
industrial
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211209878.7A
Other languages
Chinese (zh)
Inventor
李纲强
曹竹冬
王琰楠
潘斌斌
陶昆
朱少平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongtong Hexin Technology Co ltd
Original Assignee
Zhongtong Hexin Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongtong Hexin Technology Co ltd filed Critical Zhongtong Hexin Technology Co ltd
Priority to CN202211209878.7A priority Critical patent/CN115580468A/en
Priority to PCT/CN2022/138270 priority patent/WO2024066059A1/en
Publication of CN115580468A publication Critical patent/CN115580468A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121Timestamp

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses an industrial internet safety system and method based on SDP and edge calculation, belonging to the field of industrial internet safety and solving the problem of the industrial internet safety and data acquisition terminal from an industrial internet platform to a data acquisition terminal; the system comprises a plurality of front-end devices, a plurality of SDP edge terminals, an SDP edge gateway, an industrial internet platform and an SDP management terminal; the SDP edge gateway is used for carrying out edge calculation processing on the obtained industrial production data and sending the industrial production data to the industrial internet platform; the industrial internet platform is a service platform for industrial production, and a user remotely accesses a corresponding SDP edge terminal or front-end equipment through the industrial internet platform and acquires required data; the SDP management end is used for registering trusted Internet of things nodes for the front-end equipment, the SDP edge terminal, the SDP edge gateway and the industrial Internet platform, establishing access rules, negotiating communication tokens and carrying out centralized monitoring.

Description

Industrial internet safety system and method based on SDP and edge calculation
Technical Field
The invention belongs to the field of industrial internet security, relates to an SDP technology, and particularly relates to an industrial internet security system and method based on SDP and edge calculation.
Background
With the development of the industrial internet, the security requirement of the industrial internet is increasingly urgent, and the information transmission between the industrial internet platform and the data acquisition terminal needs to take the security of the industrial internet platform and the data acquisition terminal into full consideration, and the security of the information transmission between the industrial internet platform and the data acquisition terminal into consideration.
At present, the industrial internet security mainly adopts the traditional methods of situation awareness, missed scanning and other network security on a platform and a network layer, the industrial field security mainly considers the security of an industrial control intranet and the stability of industrial control, and the industrial internet security from an industrial internet platform to a data acquisition terminal and the security of the data acquisition terminal are not involved.
Therefore, the invention provides an industrial internet security system and method based on SDP and edge calculation.
Disclosure of Invention
The present invention is directed to solving at least one of the problems of the prior art. Therefore, the invention provides an industrial internet safety system and method based on SDP and edge calculation, which solve the problems of industrial internet safety from an industrial internet platform to a data acquisition terminal and the safety of the data acquisition terminal.
To achieve the above object, an embodiment according to a first aspect of the present invention proposes an industrial internet security system based on SDP and edge computation, comprising: the system comprises a plurality of front-end devices, a plurality of SDP edge terminals, an SDP edge gateway, an industrial internet platform and an SDP management terminal;
the front-end equipment is arranged on an industrial production site;
the SDP edge terminal is connected with corresponding front-end equipment and used for collecting industrial production data of the corresponding front-end equipment and sending the industrial production data to the SDP edge gateway;
the SDP edge gateway is used for performing edge calculation processing on the obtained industrial production data and sending the industrial production data to the industrial Internet platform;
the industrial internet platform is a service platform for industrial production, and a user remotely accesses a corresponding SDP edge terminal or front-end equipment through the industrial internet platform and acquires required data;
the SDP management terminal is used for registering credible Internet of things nodes for the front-end equipment, the SDP edge terminal, the SDP edge gateway and the industrial Internet platform, establishing access rules, negotiating communication tokens and carrying out centralized monitoring.
Further, the front-end equipment is industrial production equipment and industrial test equipment for production.
Furthermore, the industrial internet platform is open to the outside and comprises an open internet address and a service port.
Furthermore, the SDP management end allocates legal and unique node ID numbers for the front-end equipment, the SDP edge terminal, the SDP edge gateway and the corresponding server of the industrial Internet platform and stores the legal and unique node ID numbers, and configures the allocated node ID numbers; when the node is powered on, automatically running a registration program and sending a registration message to an SDP management end; and after receiving the registration message, the SDP management end verifies the validity of the node, and updates the stored corresponding node information after the verification is passed, so that the registration of the node of the trusted Internet of things is completed.
Furthermore, the front-end device, the SDP edge terminal, the SDP edge gateway and the industrial Internet platform are all divided into a network service layer, a signature verification layer, a security access layer, an OS layer and an application layer.
Further, the industrial internet security method based on SDP and edge calculation comprises the following steps:
the method comprises the following steps: a user processes original access data with an IP address, a timestamp and a communication token into SPA data through an industrial internet platform, and the SPA data is packaged, encrypted and then sent to an SDP edge gateway through a firewall;
step two: the SDP edge gateway judges the identity validity of the SPA data packet, namely, the SDP edge gateway acquires an identity information verification result from an SDP management end, if the identity information verification result is legal, the SDP edge gateway allows a corresponding server IP address of the industrial internet platform to be connected with the SDP edge gateway, and opens a specified port;
step three: the SPA data packet is transmitted to an SDP edge terminal of a corresponding IP address through an SDP edge gateway; the SDP edge terminal judges the identity validity of the SPA data packet, namely, the SDP edge terminal acquires an identity information verification result from the SDP management terminal, and if the identity information verification result is legal, the SDP edge terminal corresponding to the IP address allows connection with a port corresponding to an SDP edge gateway;
step four: the SDP edge terminal decrypts and analyzes the received SPA data packet, acquires original access data, acquires industrial production data of corresponding front-end equipment connected with the SDP edge terminal according to requirements, packages the industrial production data into the SPA data packet, encrypts the SPA data packet and sends the SPA data packet to the SDP edge gateway;
step five: the SDP edge gateway acquires the identity information verification result of the current SPA data packet from the SDP management end, and if the identity information is legal, the corresponding SDP edge terminal is allowed to establish connection with the SDP edge gateway; the SDP edge gateway performs edge calculation processing on the obtained SDP data packet and then sends the SDP data packet to the industrial Internet platform;
step six: the industrial internet platform acquires the identity information verification result of the current SPA data packet from the SDP management terminal, and if the identity information is legal, the SDP edge gateway is allowed to establish connection with the industrial internet platform, so that the data packet is acquired, and the data required by the user is acquired.
Compared with the prior art, the invention has the beneficial effects that:
in the invention, the SPD safety module is arranged at the front-end equipment, the SDP edge terminal, the SDP edge gateway, the industrial internet platform and the SDP management end, so that the SPA single-packet authentication is carried out without responding to any network scanning in the information transmission process between the industrial internet and the front-end equipment; the SDP management end configures trusted node IDs for the front-end equipment, the SDP edge terminal, the SDP edge gateway and the industrial internet platform to acquire registration information; in the data transmission process, bidirectional signature verification is carried out, the validity of equipment or identity is verified, a bidirectional virtual covert communication channel is established, and data encryption transmission is carried out; after the signature is checked, illegal data are blocked through legal data, so that the information safety of the data acquisition terminal and the industrial internet platform in the industrial internet is guaranteed, and the safety of the whole transmission system of the data acquisition terminal and the industrial internet platform is also guaranteed; different from the traditional industrial control isolation, the method realizes mutual isolation and mutual hiding among front-end equipment, terminals and gateways, and can perform authority management and grouping management of each node.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention;
FIG. 2 is a schematic diagram of the steps of the method of the present invention.
Detailed Description
The technical solutions of the present invention will be described below clearly and completely in conjunction with the embodiments, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
As shown in fig. 1-2, the industrial internet security system based on SDP and edge computing comprises: the SDP gateway comprises a plurality of front-end devices, a plurality of SDP edge terminals, an SDP edge gateway, an industrial internet platform and an SDP management end;
in the application, the front-end equipment is arranged at an industrial production site; in the embodiment of the present invention, the front-end device may be an industrial production device, an industrial test device, or the like for production;
in the application, the SDP edge terminal is connected to a corresponding front-end device, and is configured to collect industrial production data of the corresponding front-end device, and send the obtained industrial production data to the SDP edge gateway;
in the application, the SDP edge gateway is configured to perform edge calculation processing on the obtained industrial production data, and send an industrial production data packet after the edge calculation processing to an industrial internet platform;
in the application, the industrial internet platform is a service platform for industrial production, and a user remotely accesses a corresponding SDP edge terminal or front-end equipment through the industrial internet platform and acquires required data; the industrial Internet platform is open to the outside and comprises an open Internet address and a service port; the industrial internet platform also comprises an operation and maintenance server which carries out operation and maintenance control through remote access to the front-end equipment or the SDP edge terminal;
in the application, the SDP management end is used for registering a trusted internet of things node for front-end equipment, an SDP edge terminal, an SDP edge gateway, and an industrial internet platform, establishing an access rule, negotiating a communication token, and performing centralized monitoring;
the SDP management end allocates legal and unique node ID numbers for the front-end equipment, the SDP edge terminal, the SDP edge gateway and the server corresponding to the industrial Internet platform and stores the legal and unique node ID numbers, and the allocated node ID numbers are configured to the corresponding front-end equipment, the corresponding SDP edge terminal, the SDP edge gateway and the server corresponding to the industrial Internet platform; when the node is powered on, automatically running a registration program and sending a registration message to an SDP management end; after receiving the registration message, the SDP management end verifies the validity of the node, and updates the stored corresponding node information after the verification is passed, so that the registration of the trusted Internet of things node is completed;
in the application, the front-end equipment, the SDP edge terminal, the SDP edge gateway and the industrial internet platform are all divided into a network service layer, a signature verification layer, a security access layer, an OS layer and an application layer;
wherein the network service layer: no response to any network scanning, hiding general service ports such as HTTP \ MQTT \ video and the like, and being in a network silent state and single-packet authentication;
signature verification layer: a trusted Internet of things node registered by the industrial Internet security platform acquires a communication token (containing random communication parameters and one-time pad) through an SDP management end, issues a signature authentication packet and carries out bidirectional verification with a communication party;
a security access layer: the bidirectional signature passes the verification, the equipment/identity validity is verified, a bidirectional virtual covert communication channel is established, the channel communication parameters are randomly changed every 30 minutes, and data are encrypted and transmitted;
and an OS layer: after all the service data are subjected to SDP security drive signature verification, the OS is delivered, and illegal data are blocked;
an application layer: the application is completely transparent, and secondary development is not needed.
The industrial internet security method based on SDP and edge calculation comprises the following steps:
the method comprises the following steps: a user processes original access data with an IP address, a timestamp and a communication token into SPA data through an industrial internet platform, and the SPA data is packaged, encrypted and then sent to an SDP edge gateway through a firewall;
step two: the SDP edge gateway judges the identity validity of the SPA data packet, namely, the SDP edge gateway acquires an identity information verification result from an SDP management end, if the identity information verification result is legal, the SDP edge gateway allows a corresponding server IP address of the industrial internet platform to be connected with the SDP edge gateway, and opens a specified port;
step three: the SPA data packet is transmitted to an SDP edge terminal corresponding to the IP address through an SDP edge gateway; the SDP edge terminal judges the identity validity of the SPA data packet, namely, the SDP edge terminal acquires an identity information verification result from the SDP management terminal, and if the identity information verification result is legal, the SDP edge terminal corresponding to the IP address allows connection with a port corresponding to an SDP edge gateway;
step four: the SDP edge terminal decrypts and analyzes the received SPA data packet, acquires original access data, acquires industrial production data of corresponding front-end equipment connected with the SDP edge terminal according to requirements, packages the industrial production data into an SPA data packet, encrypts the SPA data packet and sends the SPA data packet to an SDP edge gateway;
step five: the SDP edge gateway acquires the identity information verification result of the current SPA data packet from the SDP management end, and if the identity information is legal, the corresponding SDP edge terminal is allowed to establish connection with the SDP edge gateway; the SDP edge gateway performs edge calculation processing on the obtained SDP data packet and then sends the SDP data packet to the industrial Internet platform;
step six: the industrial internet platform acquires the identity information verification result of the current SPA data packet from the SDP management end, and if the identity information is legal, the SDP edge gateway is allowed to be connected with the industrial internet platform, so that the data packet is acquired, and the data required by the user is acquired.
It should be noted that, the data encryption adopts algorithms SM2, SM3, or SM4;
the industrial Internet platform and the SDP edge gateway do not open IP and ports to the outside, hide the network, do not expose host bugs, can defend external scanning, detection and hole-surging attack, can defend the penetration of network protection actions to the network, and meet the requirements of data uploading, instruction issuing and remote operation and maintenance on safety; on the premise of ensuring safety, data uploading, instruction issuing and remote safe operation and maintenance can be realized, and data transmission is free of delay and blockage; the remote operation and maintenance operation is smooth, no blockage exists, and the requirements on functions and performance of data transmission and remote operation and maintenance are met.
The working principle of the invention is as follows: in the invention, the SPD security module is arranged at the front-end equipment, the SDP edge terminal, the SDP edge gateway, the industrial internet platform and the SDP management end, so that the SPA single-packet authentication is carried out without responding to any network scanning in the information transmission process between the industrial internet and the front-end equipment; the SDP management end configures trusted node IDs for the front-end equipment, the SDP edge terminal, the SDP edge gateway and the industrial internet platform to acquire registration information; in the data transmission process, bidirectional signature verification is carried out, the validity of equipment or identity is verified, a bidirectional virtual covert communication channel is established, and data encryption transmission is carried out; and after the signature is checked, the illegal data is blocked through the legal data.
In the embodiments provided by the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and there may be other divisions when the actual implementation is performed; the modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the method of this embodiment.
Although the present invention has been described in detail with reference to the preferred embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted for elements thereof without departing from the spirit and scope of the present invention.

Claims (6)

1. Industrial internet security system based on SDP and edge computing, comprising: the system comprises a plurality of front-end devices, a plurality of SDP edge terminals, an SDP edge gateway, an industrial internet platform and an SDP management terminal;
the front-end equipment is arranged on an industrial production site;
the SDP edge terminal is connected with corresponding front-end equipment and used for collecting industrial production data of the corresponding front-end equipment and sending the industrial production data to the SDP edge gateway;
the SDP edge gateway is used for performing edge calculation processing on the obtained industrial production data and sending the industrial production data to the industrial Internet platform;
the industrial internet platform is a service platform for industrial production, and a user remotely accesses a corresponding SDP edge terminal or front-end equipment through the industrial internet platform and acquires required data;
the SDP management terminal is used for registering credible Internet of things nodes for the front-end equipment, the SDP edge terminal, the SDP edge gateway and the industrial Internet platform, establishing access rules, negotiating communication tokens and carrying out centralized monitoring.
2. The industrial internet security system based on SDP and edge computing of claim 1, wherein the front-end devices are industrial production devices and industrial test devices for production.
3. The industrial internet security system based on SDP and edge computing of claim 1, wherein the industrial internet platform is open to the outside, including open internet addresses and service ports.
4. The industrial internet security system based on the SDP and the edge calculation as claimed in claim 1, wherein the SDP management end allocates legal and unique node ID numbers for the front-end device, the SDP edge terminal, the SDP edge gateway and the corresponding server of the industrial internet platform and stores the legal and unique node ID numbers, and configures the allocated node ID numbers; when the node is powered on, automatically running a registration program and sending a registration message to an SDP management end; and after receiving the registration message, the SDP management end verifies the validity of the node, and updates the stored corresponding node information after the verification is passed, so that the registration of the node of the trusted Internet of things is completed.
5. The SDP and edge computing based industrial internet security system of claim 1, wherein the front-end device, the SDP edge terminal, the SDP edge gateway, and the industrial internet platform are each partitioned into a web service layer, a signature verification layer, a secure access layer, an OS layer, and an application layer.
6. Industrial internet security method based on SDP and edge computing, according to any of claims 1-5, comprising the steps of:
the method comprises the following steps: a user processes original access data with an IP address, a timestamp and a communication token into SPA data through an industrial internet platform, and the SPA data is packaged, encrypted and then sent to an SDP edge gateway through a firewall;
step two: the SDP edge gateway judges the identity validity of the SPA data packet, namely, the SDP edge gateway acquires an identity information verification result from an SDP management end, if the identity information verification result is valid, the SDP edge gateway allows a corresponding server IP address of the industrial internet platform to be connected with the SDP edge gateway, and opens a specified port;
step three: the SPA data packet is transmitted to an SDP edge terminal of a corresponding IP address through an SDP edge gateway; the SDP edge terminal judges the identity validity of the SPA data packet, namely, the SDP edge terminal acquires an identity information verification result from the SDP management terminal, and if the identity information verification result is valid, the SDP edge terminal corresponding to the IP address allows connection with a port corresponding to an SDP edge gateway;
step four: the SDP edge terminal decrypts and analyzes the received SPA data packet, acquires original access data, acquires industrial production data of corresponding front-end equipment connected with the SDP edge terminal according to requirements, packages the industrial production data into an SPA data packet, encrypts the SPA data packet and sends the SPA data packet to an SDP edge gateway;
step five: the SDP edge gateway acquires the identity information verification result of the current SPA data packet from the SDP management end, and if the identity information is legal, the corresponding SDP edge terminal is allowed to establish connection with the SDP edge gateway; the SDP edge gateway performs edge calculation processing on the obtained SDP data packet and then sends the SDP data packet to the industrial Internet platform;
step six: the industrial internet platform acquires the identity information verification result of the current SPA data packet from the SDP management end, and if the identity information is legal, the SDP edge gateway is allowed to be connected with the industrial internet platform, so that the data packet is acquired, and the data required by the user is acquired.
CN202211209878.7A 2022-09-30 2022-09-30 Industrial internet safety system and method based on SDP and edge calculation Pending CN115580468A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202211209878.7A CN115580468A (en) 2022-09-30 2022-09-30 Industrial internet safety system and method based on SDP and edge calculation
PCT/CN2022/138270 WO2024066059A1 (en) 2022-09-30 2022-12-12 Industrial internet security system and method based on sdp and edge computing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211209878.7A CN115580468A (en) 2022-09-30 2022-09-30 Industrial internet safety system and method based on SDP and edge calculation

Publications (1)

Publication Number Publication Date
CN115580468A true CN115580468A (en) 2023-01-06

Family

ID=84582751

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211209878.7A Pending CN115580468A (en) 2022-09-30 2022-09-30 Industrial internet safety system and method based on SDP and edge calculation

Country Status (2)

Country Link
CN (1) CN115580468A (en)
WO (1) WO2024066059A1 (en)

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10739761B2 (en) * 2017-11-16 2020-08-11 Intel Corporation Scalable edge compute in a distributed control environment
US10601956B2 (en) * 2018-06-04 2020-03-24 Cisco Technology, Inc. Automatically and remotely on-board services delivery platform computing nodes
CN109921944B (en) * 2019-03-21 2021-12-14 青岛铁木真软件技术有限公司 Network boundary control method and device for industrial internet
CN113572738B (en) * 2021-06-29 2023-04-07 中孚安全技术有限公司 Zero trust network architecture and construction method
CN113556267A (en) * 2021-07-20 2021-10-26 全球能源互联网研究院有限公司 Terminal equipment state monitoring method and system and edge Internet of things proxy gateway
CN114915536B (en) * 2022-04-18 2023-05-16 中国人民解放军战略支援部队信息工程大学 Network system based on SDP assembly and terminal equipment safety protection method

Also Published As

Publication number Publication date
WO2024066059A1 (en) 2024-04-04

Similar Documents

Publication Publication Date Title
US11134064B2 (en) Network guard unit for industrial embedded system and guard method
CN108965215B (en) Dynamic security method and system for multi-fusion linkage response
CN110996318A (en) Safety communication access system of intelligent inspection robot of transformer substation
RU2636640C2 (en) Protection method of virtual private communication networks elements from ddos-attacks
WO2013085217A1 (en) Security management system having multiple relay servers, and security management method
CN105025016A (en) Internal-network terminal admission control method
CN111314381A (en) Safety isolation gateway
CN111988328A (en) Safety guarantee method and system for acquiring terminal data of power generation unit of new energy plant station
CN110417739A (en) It is a kind of based on block chain technology safety Netowrk tape in measurement method
TW202137735A (en) Programmable switching device for network infrastructures
CN108011873A (en) A kind of illegal connection determination methods based on set covering
CN115549932A (en) Safety access system and access method for massive heterogeneous Internet of things terminals
CN107566218B (en) Flow auditing method suitable for cloud environment
CN100471167C (en) Method and apparatus for managing wireless access-in wide-band users
CN104852902A (en) SWIM user identity authentication method based on improved Diameter/EAP-TLS protocol
CN115580468A (en) Industrial internet safety system and method based on SDP and edge calculation
CN113259347B (en) Equipment safety system and equipment behavior management method in industrial Internet
Li et al. SDN-based access authentication and automatic configuration for IPsec
CN113395258A (en) Industrial internet authentication gateway test development system and authentication process thereof
CN112995508A (en) Intelligent camera
WO2022017582A1 (en) Method and system for securing data communication in a computing environment
EP1879350A1 (en) Distributed computer system with a local area network
TWI531194B (en) Cable modem and method for reissuing a digital certificate
CN101594340B (en) Method and device for realizing internet lawful interception
KR101005870B1 (en) Method for blocking session of transmission control protocol for unauthenticated apparatus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination