CN116996587B - Distributed sdp tunnel control method and device - Google Patents
Distributed sdp tunnel control method and device Download PDFInfo
- Publication number
- CN116996587B CN116996587B CN202311242661.0A CN202311242661A CN116996587B CN 116996587 B CN116996587 B CN 116996587B CN 202311242661 A CN202311242661 A CN 202311242661A CN 116996587 B CN116996587 B CN 116996587B
- Authority
- CN
- China
- Prior art keywords
- access request
- gateway
- gateways
- sdp
- matched
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000013507 mapping Methods 0.000 claims abstract description 30
- 230000005540 biological transmission Effects 0.000 claims description 46
- 230000000977 initiatory effect Effects 0.000 claims description 6
- 230000005641 tunneling Effects 0.000 claims 2
- 238000002955 isolation Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
- H04L67/63—Routing a service request depending on the request content or context
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the application provides a distributed sdp tunnel control method and equipment, wherein a mapping relation table of a gateway and a router is obtained from an sdp controller through a client, and then data of an access request sent by the gateway corresponding to the access request is determined according to the access request, and a user does not need to switch the sdp tunnel link back and forth manually so as to achieve the aim of switching, so that the efficiency and the use experience are greatly improved.
Description
Technical Field
The embodiments of the application belong to the technical field of network security, and particularly relate to a distributed sdp tunnel control method and equipment.
Background
The existing software defined boundary (abbreviated as "dp") or virtual private network (abbreviated as "vpn") on the market is based on the principle of establishing a single tunnel at the same time, and encapsulates and sends application data packets to the gateway. In the whole use process, an sdp client can only establish a tunnel with an sdp gateway, the sdp client transmits application data to a target server through the tunnel and the gateway, and when a plurality of Internet Data Center (IDC) machine rooms and a plurality of network isolation areas exist and different IDC machine rooms or isolation areas need to be accessed and operated at the same time in the same time period, a user needs to switch the link of the sdp tunnel back and forth manually so as to achieve the aim of switching, and the efficiency and the use experience are greatly reduced.
Disclosure of Invention
In order to solve or alleviate the problems in the prior art, the embodiment of the invention provides a distributed sdp tunnel control method and equipment. The data transmission tunnel can be established with a plurality of gateways through the same client so as to solve the problems in the prior art.
In a first aspect, an embodiment of the present application provides a distributed sdp tunnel control method, which is applied to a client, and includes:
initiating an authentication request to the dp controller to authenticate the user ID;
after passing the authentication, receiving a gateway list and a mapping relation and a secret key between the gateway list and a routing table, which are sent by an sdp controller;
establishing a data transmission tunnel between the gateway list and all gateways in the gateway list;
receiving an initiated application access request, and determining a gateway matched with the access request according to a mapping relation between the gateway list and a routing table;
and sending the data of the access request through a data transmission tunnel between gateways matched with the access request so as to access the specific application.
As a preferred embodiment of the present application, the establishing a data transmission tunnel with all gateways in the gateway list includes:
respectively sending requests for establishing connection to all gateways, wherein each request is provided with a session ID corresponding to the user ID one by one, and according to the session IDs, all the gateways respectively acquire keys of corresponding data transmission tunnels from the sdp controller;
and after the keys are successfully acquired by all the gateways, acquiring a tunnel establishment success instruction sent by all the gateways.
As a preferred embodiment of the present application, the initiating an application access request, determining a gateway matching the access request according to a mapping relationship between the gateway list and a routing table, includes:
comparing the initiated application request with the mapping relation between all the gateway lists and the routing tables to determine whether the specific application of the initiated application request exists in the routing tables;
and if the specific application of the initiated application request exists in the routing table, determining a gateway with a mapping relation with the routing table according to the routing table, and further determining a gateway matched with the access request.
As a preferred embodiment of the present application, the sending the access request data through the data transmission tunnel between the gateways matched with the access request to access the specific application includes:
encrypting the data of the access request according to the received key sent by the dp controller;
and sending the encrypted data of the access request to a gateway matched with the access request through a data transmission tunnel, decrypting the encrypted data of the access request through a key acquired from the dp controller by the gateway matched with the access request, and sending the decrypted data of the access request to a specific application through the gateway matched with the access request.
As a preferred embodiment of the present application, after sending the access request data through the data transmission tunnel between the gateways matched with the access request to access the specific application, the method includes:
receiving return data encrypted by the key returned by the gateway matched with the access request;
the received return data is decrypted by the key.
As a preferred embodiment of the present application, the method further comprises:
and deleting the data transmission tunnels established between all the gateways in the gateway list after the gateways matched with the access request are disconnected.
As a preferred embodiment of the present application, after the gateway matching the access request disconnects, deleting the data transmission tunnels established between the gateway and all the gateways in the gateway list, including:
transmitting a command of disconnecting the gateway matched with the access request to an sdp controller through the gateway matched with the access request, transmitting a deleting command to the gateway matched with the access request through the sdp controller, and deleting the secret key stored on the sdp controller;
and receiving the dp controller to send a deleting instruction, and deleting the key stored on the client.
As a preferred embodiment of the present application, the method further comprises:
and selecting a data transmission tunnel between the gateways with less load to transmit the data of the access request when at least two gateways are matched with the access request.
As a preferred embodiment of the present application, after the authentication is passed, the method includes:
and establishing a session ID corresponding to the user ID, wherein the session ID is used for identifying the user ID and the information in the data transmission tunnel.
Compared with the prior art, the embodiment of the application provides the distributed dp tunnel control method, the client acquires the mapping relation table of the gateway and the router from the dp controller, and further determines the data of the access request sent by the gateway corresponding to the access request according to the access request, and a user does not need to manually switch the dp tunnel link back and forth so as to achieve the purpose of switching, so that the efficiency and the use experience are greatly improved.
In a second aspect, an embodiment of the present application further provides a distributed dp tunnel control device, including:
a first sending module, configured to initiate an authentication request to the dp controller to authenticate the user ID;
the receiving module is used for receiving the gateway list sent by the dp controller, the mapping relation between the gateway list and the routing table and the secret key after the authentication is passed;
the establishing module is used for establishing a data transmission tunnel with all gateways in the gateway list;
the determining module is used for receiving the initiated application access request and determining a gateway matched with the access request according to the mapping relation between the gateway list and the routing table;
and the second sending module is used for sending the access request data through a data transmission tunnel between the gateways matched with the access request so as to access the specific application.
Compared with the prior art, the beneficial effects of the distributed sdp tunnel control device are the same as those of the technical scheme provided in the first aspect, and are not repeated here.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute an undue limitation to the application. Some specific embodiments of the present application will be described in detail hereinafter by way of example and not by way of limitation with reference to the accompanying drawings. The same reference numbers in the drawings denote the same or similar parts or portions, and it will be understood by those skilled in the art that the drawings are not necessarily drawn to scale, in which:
fig. 1 is a schematic flow chart of a distributed sdp tunnel control method provided in an embodiment of the present application;
FIG. 2 is a schematic diagram of an interaction process of a distributed sdp tunnel control method according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a distributed sdp tunnel control device according to an embodiment of the present application.
Detailed Description
In order to enable those skilled in the art to better understand the present application, the following description will make clear and complete descriptions of the technical solutions in the embodiments of the present application with reference to the accompanying drawings in the embodiments of the present application. It will be apparent that the described embodiments are merely some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, shall fall within the scope of the present application.
In a first aspect, as shown in fig. 1, an embodiment of the present application provides a distributed sdp tunnel control method, which is applied to a client, and includes:
step S01, initiating an authentication request to an sdp controller to authenticate a user ID;
before the client sends an authentication request to the dp controller, the client can configure data such as a mapping relation table of a gateway and a router, a gateway list and the like on the dp controller by a user, and store the data such as the mapping relation table of the gateway and the router, the gateway list and the mapping relation table of the gateway and the router on the dp controller, and the client can update the mapping relation table of the gateway and the router according to requirements, initiate an authentication request to the dp controller to authenticate whether the user ID is a legal user or not, and be the user ID recorded on the dp controller, so that specific application access can be performed.
Step S02, after the authentication is passed, receiving a gateway list and a mapping relation and a secret key between the gateway list and a routing table, which are sent by an sdp controller;
when the user ID passes the authentication, the sdp controller generates a key corresponding to the user ID, and the key is mainly used for encrypting data of the user access request.
After the authentication is passed, the method comprises the following steps:
and establishing a session ID corresponding to the user ID, wherein the session ID is used for transmitting the identification user ID and the information in the data transmission tunnel.
Step S03, establishing a data transmission tunnel between the gateway list and all gateways in the gateway list;
it should be noted that, after the client receives the gateway list, the mapping relationship between the gateway list and the routing table, and the key, a data transmission tunnel needs to be established with all gateways in the gateway list so as to transmit data.
Step S03 specifically includes: respectively sending requests for establishing connection to all gateways, wherein each request is provided with a session ID corresponding to the user ID one by one, and according to the session IDs, all the gateways respectively acquire keys corresponding to the data transmission tunnels from the sdp controller;
and after the keys are successfully acquired by all the gateways, acquiring a tunnel establishment success instruction sent by all the gateways.
Step S04, receiving an initiated application access request, and determining a gateway matched with the access request according to a mapping relation between the gateway list and a routing table;
the step S04 specifically includes:
comparing the initiated application request with the mapping relation between all the gateway lists and the routing tables to determine whether the specific application of the initiated application request exists in the routing tables;
and if the specific application of the initiated application request exists in the routing table, determining a gateway with a mapping relation with the routing table through the routing table, and further determining a gateway matched with the access request.
It should be noted that this step is mainly used to determine the gateway matching the access request in order to transmit data. In the specific determination process, because the gateway and the routing table have a one-to-one mapping relationship, and the routing table stores paths pointing to specific network addresses, the gateway matched with the access request can be determined according to the matching between the access request and the paths stored in the routing table.
And step S05, sending access request data through a data transmission tunnel between gateways matched with the access request to access the specific application.
The step S05 specifically includes: encrypting the data of the access request according to the received key sent by the dp controller;
and sending the encrypted data of the access request to a gateway matched with the access request, decrypting the data of the access request through a key acquired from the dp controller by the gateway matched with the access request, and sending the decrypted data of the access request to a specific application through the gateway matched with the access request.
In step S05, before the client sends the data to the gateway, the client needs to encrypt the data of the access request by using a key, the encrypted data of the access request may be transmitted through the data transmission tunnel, and after the data of the access request is transmitted to the gateway, the gateway needs to decrypt the data of the access request by using the key, that is, the key is stored on the gateway and the client, and the key is set in one-to-one correspondence with the user ID and the session ID. The gateway sends the decrypted data to the specific application.
After step S05, it includes:
step S06, receiving return data encrypted by the key returned by the gateway matched with the access request;
the received return data is decrypted by the key.
When it should be noted that, after the gateway transmits the decrypted data of the access request to the specific application, the specific application needs to return the data, and in this embodiment of the present application, the specific application may be, for example, a client management system, a financial management system, an OA management system, or the like.
When the data is returned, the gateway needs to encrypt the data through the key, the key is the same key as long as the key is the same user ID, the gateway transmits the encrypted returned data to the client through the data transmission tunnel, and the client decrypts the returned data through the key.
The method further comprises the steps of:
and S07, deleting the data transmission tunnels established between the gateway and all the gateways in the gateway list after the gateways matched with the access request are disconnected.
The step S07 specifically includes:
sending a gateway disconnection instruction matched with the access request to an sdp controller through a gateway matched with the access request; transmitting a deleting instruction to a gateway matched with the access request through the dp control, and deleting a key stored on the dp controller;
and receiving the dp control transmission deleting instruction, and deleting the key stored on the client.
It should be noted that, when the user accesses the specific application and needs to exit the specific application, the gateway matched with the access request needs to be disconnected, at this time, the key matched with the user ID needs to be deleted so as to delete the data transmission tunnel between the client and the gateway, the deleting key needs to send a deleting instruction to the client and the gateway by the dp controller to delete, after deleting the key matched with the user ID, if the user needs to access the specific application, the user needs to reestablish the data transmission tunnel, and also needs to acquire a new key again.
In a specific embodiment of the present application, when there are at least two gateways matching the access request, data of the access request is tunneled by selecting data transmission between the gateways with less load.
It should be noted that, in a specific application, when different users need to access the same specific application at the same time, and multiple gateways can all transmit the same access requests of multiple users, at this time, multiple access requests cannot all be transmitted through the same gateway, and reasonable allocation needs to be performed according to the load condition of each gateway, if 3 gateways can transmit access requests of multiple users, if one gateway is already transmitting the data of the access request of the first user, and other gateways are in an idle state, at this time, the access data needs to be transmitted through the gateway in the idle state, so that the efficiency of accessing the specific application by the user can be provided.
As shown in fig. 2, the interaction process between the client, gateway and specific application will be described in detail:
first, the administrator manages applications such as: com,2.com,3.com, and different physical locations and isolation areas of applications, corresponding gateways are set such as: gateway 1, gateway 2, gateway 3;
the administrator publishes the different applications on the system nearby to the corresponding gateways: such as: application 1.Com published to the nearby gateway 1; com issues to the nearby gateway 2; com issues to the nearby gateway 3; and authorizing these resources to the a user;
a, a user performs login authentication on a client, an sdp controller authenticates the user identity, and after authentication is successful, the sdp controller returns a gateway list, a mapping relation and a secret key between the gateway list and a routing table, wherein the gateway list is as follows: gateway 1, gateway 2, gateway 3 and the corresponding application of the gateway are 1.Com,2.Com and 3.Com;
the client establishes a session ID corresponding to the user ID, initiates connection with the gateway 1, the gateway 2 and the gateway 3, and establishes three data transmission tunnels simultaneously;
the user initiates access to the application 1.Com, and the client performs policy matching on the access application 1.Com according to the gateway list, the mapping relation between the gateway list and the routing table and the secret key, and matches the policy matching to the gateway 1; the client encrypts the data of the access request through a key, the encrypted data is transmitted to the gateway through a data transmission tunnel, the gateway decrypts the data of the encrypted access request through the key obtained from the dp controller and then sends the data to the specific application, the gateway receives the data returned by the specific application and encrypts the returned data through the key, the encrypted protection data is transmitted to the client through the data transmission tunnel, and the client decrypts the encrypted return data through the key after receiving the encrypted return data.
When the client is disconnected from the gateway, the gateway sends the disconnected connection to the dp controller, which sends a delete key command to the gateway to delete the key, and simultaneously sends the delete key command to the client to delete the key on the client.
In a second aspect, an embodiment of the present application further provides a distributed dp tunnel control device, including:
a first sending module 31 for initiating an authentication request to the dp controller to authenticate the user ID;
the receiving module 32 is used for receiving the gateway list sent by the dp controller and the mapping relation and the secret key between the gateway list and the routing table after the authentication is passed;
a setting up module 33, configured to set up a data transmission tunnel with all gateways in the gateway list;
a determining module 34, configured to receive an initiated application access request, and determine a gateway that matches the access request according to a mapping relationship between the gateway list and a routing table;
the second sending module 35 sends the access request data to access the specific application through the data transmission tunnel between the gateways matched with the access request.
Compared with the prior art, the beneficial effects of the distributed sdp tunnel control device provided by the embodiment of the application are the same as those of the technical scheme provided by the first aspect, and are not repeated here.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the corresponding technical solutions from the scope of the technical solutions of the embodiments of the present application.
Claims (9)
1. The distributed sdp tunnel control method is characterized by being applied to a client and comprising the following steps of:
initiating an authentication request to the dp controller to authenticate the user ID;
after passing the authentication, receiving a gateway list and a mapping relation and a secret key between the gateway list and a routing table, which are sent by an sdp controller;
establishing a data transmission tunnel between the gateway list and all gateways in the gateway list;
receiving an initiated application access request, and determining a gateway matched with the access request according to a mapping relation between the gateway list and a routing table;
transmitting data of the access request through a data transmission tunnel between gateways matched with the access request so as to access a specific application; the establishing a data transmission tunnel with all gateways in the gateway list comprises the following steps:
respectively sending requests for establishing connection to all gateways, wherein each request is provided with a session ID corresponding to the user ID one by one, and according to the session IDs, all the gateways respectively acquire keys of corresponding data transmission tunnels from the sdp controller;
and after the keys are successfully acquired by all the gateways, acquiring a tunnel establishment success instruction sent by all the gateways.
2. The distributed sdp tunnel control method according to claim 1, wherein the initiating the application access request, determining the gateway matching the access request according to the mapping relationship between the gateway list and the routing table, includes:
comparing the initiated application request with the mapping relation between all the gateway lists and the routing tables to determine whether the specific application of the initiated application request exists in the routing tables;
and if the specific application of the initiated application request exists in the routing table, determining a gateway with a mapping relation with the routing table according to the routing table, and further determining a gateway matched with the access request.
3. The distributed sdp tunneling control method according to claim 1, wherein said sending access request data through a data transmission tunnel between gateways that match said access request to access a specific application comprises:
encrypting the data of the access request according to the received key sent by the dp controller;
and sending the encrypted data of the access request to a gateway matched with the access request through a data transmission tunnel, decrypting the encrypted data of the access request through a key acquired from the dp controller by the gateway matched with the access request, and sending the decrypted data of the access request to a specific application through the gateway matched with the access request.
4. The distributed sdp tunneling control method according to claim 1, wherein after said sending access request data through a data transmission tunnel between gateways matched with said access request to access a specific application, comprising:
receiving return data encrypted by the key returned by the gateway matched with the access request;
the received return data is decrypted by the key.
5. The distributed sdp tunnel control method of claim 1, further comprising:
and deleting the data transmission tunnels established between all the gateways in the gateway list after the gateways matched with the access request are disconnected.
6. The distributed sdp tunnel control method according to claim 5, wherein after the gateway matched with the access request is disconnected, deleting the data transmission tunnels established between all the gateways in the gateway list, including:
transmitting a command of disconnecting the gateway matched with the access request to an sdp controller through the gateway matched with the access request, transmitting a deleting command to the gateway matched with the access request through the sdp controller, and deleting the secret key stored on the sdp controller;
and receiving the dp controller to send a deleting instruction, and deleting the key stored on the client.
7. The distributed sdp tunnel control method of claim 1, further comprising:
and selecting a data transmission tunnel between the gateways with less load to transmit the data of the access request when at least two gateways are matched with the access request.
8. The distributed sdp tunnel control method according to claim 1, wherein after the authentication is passed, comprising:
and establishing a session ID corresponding to the user ID, wherein the session ID is used for identifying the user ID and the information in the data transmission tunnel.
9. An apparatus, comprising:
a first sending module, configured to initiate an authentication request to the dp controller to authenticate the user ID;
the receiving module is used for receiving the gateway list sent by the dp controller, the mapping relation between the gateway list and the routing table and the secret key after the authentication is passed;
the establishing module is used for establishing a data transmission tunnel with all gateways in the gateway list;
the determining module is used for receiving the initiated application access request and determining a gateway matched with the access request according to the mapping relation between the gateway list and the routing table;
the second sending module is used for sending the access request data through a data transmission tunnel between the gateways matched with the access request so as to access the specific application;
the establishing a data transmission tunnel with all gateways in the gateway list comprises the following steps:
respectively sending requests for establishing connection to all gateways, wherein each request is provided with a session ID corresponding to the user ID one by one, and according to the session IDs, all the gateways respectively acquire keys of corresponding data transmission tunnels from the sdp controller;
and after the keys are successfully acquired by all the gateways, acquiring a tunnel establishment success instruction sent by all the gateways.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311242661.0A CN116996587B (en) | 2023-09-25 | 2023-09-25 | Distributed sdp tunnel control method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311242661.0A CN116996587B (en) | 2023-09-25 | 2023-09-25 | Distributed sdp tunnel control method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116996587A CN116996587A (en) | 2023-11-03 |
| CN116996587B true CN116996587B (en) | 2024-01-23 |
Family
ID=88523434
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311242661.0A Active CN116996587B (en) | 2023-09-25 | 2023-09-25 | Distributed sdp tunnel control method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116996587B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007131404A1 (en) * | 2006-05-15 | 2007-11-22 | Huawei Technologies Co., Ltd. | A method and device for realizing fast handover |
| CN102137088A (en) * | 2010-09-27 | 2011-07-27 | 华为技术有限公司 | Message exchanging method for service delivery platform (SDP) system, SDP system and device |
| EP3379794A1 (en) * | 2017-03-20 | 2018-09-26 | LINKK spolka z ograniczona odpowiedzialnoscia | Method and system for realising encrypted connection with a local area network |
| KR20190074614A (en) * | 2017-12-20 | 2019-06-28 | 주식회사 케이티 | Traffic transmission system based on dynamic tunneling communication, and signaling method of the same |
| KR102270140B1 (en) * | 2019-12-27 | 2021-06-28 | 주식회사 아라드네트웍스 | Method for providing communication using network tunnel and apparatus using the same |
| CN115834211A (en) * | 2022-11-24 | 2023-03-21 | 南京邮电大学 | CoAP network security access method based on software defined boundary |
| CN116760633A (en) * | 2023-08-11 | 2023-09-15 | 深圳市永达电子信息股份有限公司 | Method for realizing safe trusted physical network gateway |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11558184B2 (en) * | 2020-08-09 | 2023-01-17 | Perimeter 81 Ltd | Unification of data flows over network links with different internet protocol (IP) addresses |
-
2023
- 2023-09-25 CN CN202311242661.0A patent/CN116996587B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007131404A1 (en) * | 2006-05-15 | 2007-11-22 | Huawei Technologies Co., Ltd. | A method and device for realizing fast handover |
| CN102137088A (en) * | 2010-09-27 | 2011-07-27 | 华为技术有限公司 | Message exchanging method for service delivery platform (SDP) system, SDP system and device |
| EP3379794A1 (en) * | 2017-03-20 | 2018-09-26 | LINKK spolka z ograniczona odpowiedzialnoscia | Method and system for realising encrypted connection with a local area network |
| KR20190074614A (en) * | 2017-12-20 | 2019-06-28 | 주식회사 케이티 | Traffic transmission system based on dynamic tunneling communication, and signaling method of the same |
| KR102270140B1 (en) * | 2019-12-27 | 2021-06-28 | 주식회사 아라드네트웍스 | Method for providing communication using network tunnel and apparatus using the same |
| CN115834211A (en) * | 2022-11-24 | 2023-03-21 | 南京邮电大学 | CoAP network security access method based on software defined boundary |
| CN116760633A (en) * | 2023-08-11 | 2023-09-15 | 深圳市永达电子信息股份有限公司 | Method for realizing safe trusted physical network gateway |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116996587A (en) | 2023-11-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109561066B (en) | Data processing method and device, terminal and access point computer | |
| JP6641029B2 (en) | Key distribution and authentication method and system, and device | |
| US10826704B2 (en) | Blockchain key storage on SIM devices | |
| US7760885B2 (en) | Method of distributing encryption keys among nodes in mobile ad hoc network and network device using the same | |
| US8838972B2 (en) | Exchange of key material | |
| RU2406251C2 (en) | Method and device for establishing security association | |
| US7978858B2 (en) | Terminal device, group management server, network communication system, and method for generating encryption key | |
| EP3748928A1 (en) | Method and system for apparatus awaiting network configuration to access hot spot network apparatus | |
| WO2022127434A1 (en) | Wireless local area network authentication method and apparatus, and electronic device and storage medium | |
| US20060248337A1 (en) | Establishment of a secure communication | |
| US20070198837A1 (en) | Establishment of a secure communication | |
| CN110808829B (en) | SSH authentication method based on key distribution center | |
| WO2022100356A1 (en) | Identity authentication system, method and apparatus, device, and computer readable storage medium | |
| CN115632779B (en) | Quantum encryption communication method and system based on power distribution network | |
| CN112566119A (en) | Terminal authentication method and device, computer equipment and storage medium | |
| CN110769420A (en) | Network access method, device, terminal, base station and readable storage medium | |
| US20160105407A1 (en) | Information processing apparatus, terminal, information processing system, and information processing method | |
| CN116996587B (en) | Distributed sdp tunnel control method and device | |
| KR101880999B1 (en) | End to end data encrypting system in internet of things network and method of encrypting data using the same | |
| JP4775154B2 (en) | COMMUNICATION SYSTEM, TERMINAL DEVICE, PROGRAM, AND COMMUNICATION METHOD | |
| JP3645844B2 (en) | Relay connection method, network level authentication server, gateway device, information server, and program | |
| CN112235331A (en) | Data transmission processing method and equipment | |
| CN114268499B (en) | Data transmission method, device, system, equipment and storage medium | |
| CN114222296B (en) | Security access method and system for wireless network | |
| KR102216848B1 (en) | Method for security connection using wireless terminal device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |