WO2018214108A1 - Système et procédé de mise en œuvre sécurisée destinés à une liaison de réseau - Google Patents

Système et procédé de mise en œuvre sécurisée destinés à une liaison de réseau Download PDF

Info

Publication number
WO2018214108A1
WO2018214108A1 PCT/CN2017/085965 CN2017085965W WO2018214108A1 WO 2018214108 A1 WO2018214108 A1 WO 2018214108A1 CN 2017085965 W CN2017085965 W CN 2017085965W WO 2018214108 A1 WO2018214108 A1 WO 2018214108A1
Authority
WO
WIPO (PCT)
Prior art keywords
data packet
encryption
network link
encrypted
encryption key
Prior art date
Application number
PCT/CN2017/085965
Other languages
English (en)
Chinese (zh)
Inventor
李炜
Original Assignee
深圳市伊特利网络科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市伊特利网络科技有限公司 filed Critical 深圳市伊特利网络科技有限公司
Priority to PCT/CN2017/085965 priority Critical patent/WO2018214108A1/fr
Publication of WO2018214108A1 publication Critical patent/WO2018214108A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the present invention relates to the field of communications, and in particular, to a method and system for securely implementing a network link.
  • a network link is a link for transmitting data in a network.
  • the transmission of an existing link is based on a node. If the data packet in the existing network link is not encrypted, the security is affected, thereby affecting the customer experience.
  • a security implementation method for a network link is provided, which solves the shortcomings of the prior art customer experience.
  • a method for securely implementing a network link includes the following steps:
  • the encrypted data packet is carried in the frame, and the encryption method and the encryption key are added at the frame header.
  • the method further includes:
  • the encryption method and the encryption key are sent to the remaining nodes of the data link of the data packet.
  • the method further includes:
  • the encryption method and the encryption key are uploaded to the network link distribution system.
  • a second aspect provides a security implementation system for a network link, where the method includes:
  • a receiving unit configured to receive the forwarded data packet
  • An encryption unit configured to detect whether the data packet is encrypted, and if not encrypted, invoking an encryption module to encrypt the data packet;
  • the control unit is configured to carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
  • system further includes:
  • control unit configured to send the encryption mode and the encryption key to the remaining nodes of the data link of the data packet.
  • system further includes:
  • control unit configured to upload the encryption mode and the encryption key to the network link distribution system.
  • a computer readable storage medium having stored thereon a computer program that, when executed by a processor, implements a secure implementation of the network link.
  • a terminal comprising one or more processors, a memory, a transceiver, and one or more programs, the one or more programs being stored in the memory and configured by the Executed by one or more processors, the program comprising instructions for performing the steps in the secure implementation method of the network link described above.
  • the technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of encrypting unencrypted data packets, improving security, and improving user experience.
  • FIG. 1 is a flowchart of a method for implementing security of a network link according to the present invention.
  • FIG. 2 is a structural diagram of a security implementation system for a network link according to the present invention.
  • FIG. 3 is a schematic structural diagram of hardware of a terminal provided by the present invention.
  • FIG. 1 is a flowchart of a method for implementing security of a network link according to a first preferred embodiment of the present invention.
  • the method is implemented by a node.
  • the method is as shown in FIG. 1 , and includes the following steps:
  • Step S101 Receive a forwarded data packet.
  • Step S102 detecting whether the data packet is encrypted, and if not encrypted, invoking an encryption module to encrypt the data packet;
  • Step S103 Carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
  • the technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of encrypting unencrypted data packets, improving security, and improving user experience.
  • the method may further include:
  • the encryption method and the encryption key are sent to the remaining nodes of the data link of the data packet.
  • the method may further include:
  • the encryption method and the encryption key are uploaded to the network link distribution system.
  • FIG. 2 is a schematic diagram of a security implementation system for a network link according to a second preferred embodiment of the present invention.
  • the system as shown in FIG. 2, includes:
  • the receiving unit 201 is configured to receive the forwarded data packet.
  • the encryption unit 202 is configured to detect whether the data packet is encrypted. If not, the encryption module is invoked to encrypt the data packet.
  • the control unit 203 is configured to carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
  • the technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of determining the encryption key according to the type of the packet, improving security, and improving user experience.
  • the above system may further include:
  • the control unit 203 is configured to send the encryption mode and the encryption key to the remaining nodes of the data link of the data packet.
  • the above system may further include:
  • the control unit 203 is configured to upload the encryption mode and the encryption key to the network link distribution system.
  • a specific embodiment of the present invention further provides a computer readable storage medium having stored thereon a computer program, the program being implemented by the processor to implement a secure implementation method of the network link.
  • a specific embodiment of the present invention further provides a node, as shown in FIG. 3, including one or more processors 302, a memory 301, a transceiver 303, and one or more programs, the one or more programs being stored in The memory is, and is configured to be executed by, the one or more processors, the program comprising instructions for performing the steps in the secure implementation method of the network link described above.
  • Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another.
  • a storage medium may be any available media that can be accessed by a computer.
  • the computer readable medium may include random access memory (Random) Access Memory, RAM), Read-Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), Compact Disc Read-Only Memory, CD-ROM, or other optical disc storage, magnetic storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. Also. Any connection may suitably be a computer readable medium.
  • a disk and a disc include a compact disc (CD), a laser disc, a compact disc, a digital versatile disc (DVD), a floppy disk, and a Blu-ray disc, wherein the disc is usually magnetically copied, and the disc is The laser is used to optically replicate the data. Combinations of the above should also be included within the scope of the computer readable media.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

La présente invention concerne un système et un procédé de mise en œuvre sécurisée destinées à une liaison de réseau. Le procédé comprend les étapes consistant : à recevoir un paquet de données transmis; à ajouter le nombre de paquets de données dans un champ d'en-tête du paquet de données; et à transporter le paquet de données crypté dans une trame, et à ajouter un procédé de cryptage et une clé de cryptage à un en-tête de trame. La solution technique fournie par la présente invention a l'avantage d'apporter une bonne expérience à l'utilisateur.
PCT/CN2017/085965 2017-05-25 2017-05-25 Système et procédé de mise en œuvre sécurisée destinés à une liaison de réseau WO2018214108A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/085965 WO2018214108A1 (fr) 2017-05-25 2017-05-25 Système et procédé de mise en œuvre sécurisée destinés à une liaison de réseau

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/085965 WO2018214108A1 (fr) 2017-05-25 2017-05-25 Système et procédé de mise en œuvre sécurisée destinés à une liaison de réseau

Publications (1)

Publication Number Publication Date
WO2018214108A1 true WO2018214108A1 (fr) 2018-11-29

Family

ID=64395153

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/085965 WO2018214108A1 (fr) 2017-05-25 2017-05-25 Système et procédé de mise en œuvre sécurisée destinés à une liaison de réseau

Country Status (1)

Country Link
WO (1) WO2018214108A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110430446A (zh) * 2019-07-26 2019-11-08 东软集团股份有限公司 视频处理方法、装置、设备和计算机可读存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127597A (zh) * 2007-10-09 2008-02-20 华中科技大学 Manet网络的数据传递加密方法
WO2015117451A1 (fr) * 2014-08-21 2015-08-13 深圳市中兴微电子技术有限公司 Procédé de communications chiffrées et terminal de communications, et support de stockage d'ordinateur
CN105262772A (zh) * 2015-11-06 2016-01-20 腾讯科技(深圳)有限公司 一种数据传输方法、系统及相关装置
CN106992998A (zh) * 2017-05-25 2017-07-28 深圳市伊特利网络科技有限公司 网络链路的安全实现方法及系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127597A (zh) * 2007-10-09 2008-02-20 华中科技大学 Manet网络的数据传递加密方法
WO2015117451A1 (fr) * 2014-08-21 2015-08-13 深圳市中兴微电子技术有限公司 Procédé de communications chiffrées et terminal de communications, et support de stockage d'ordinateur
CN105262772A (zh) * 2015-11-06 2016-01-20 腾讯科技(深圳)有限公司 一种数据传输方法、系统及相关装置
CN106992998A (zh) * 2017-05-25 2017-07-28 深圳市伊特利网络科技有限公司 网络链路的安全实现方法及系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110430446A (zh) * 2019-07-26 2019-11-08 东软集团股份有限公司 视频处理方法、装置、设备和计算机可读存储介质
CN110430446B (zh) * 2019-07-26 2021-09-14 东软集团股份有限公司 视频处理方法、装置、设备和计算机可读存储介质

Similar Documents

Publication Publication Date Title
WO2018223553A1 (fr) Procédé et système de contrôle d'accès wi-fi d'un terminal
WO2018214059A1 (fr) Procédé et système de sélection de liaison de données dans un réseau
WO2018218806A1 (fr) Procédé et système de protection de la confidentialité d'un terminal
WO2018209644A1 (fr) Procédé et système de chiffrement de données pour logement domotique
WO2018214108A1 (fr) Système et procédé de mise en œuvre sécurisée destinés à une liaison de réseau
WO2018218808A1 (fr) Procédé et système de lecture d'informations de message court
WO2018223550A1 (fr) Procédé et système de réglage d'une horloge d'alarme de terminal
WO2018218807A1 (fr) Procédé et système de lecture d'informations de wechat
WO2018214061A1 (fr) Procédé et système de chiffrement de liaison de réseau basé sur un terminal
WO2018223552A1 (fr) Procédé et système de sortie rapide d'application de terminal
WO2018214057A1 (fr) Procédé et système de calcul concernant la perte de paquets dans une liaison de réseau
WO2018214058A1 (fr) Procédé et système d'établissement d'une liaison de réseau pour des terminaux face à face
WO2018214056A1 (fr) Procédé et système de vérification de retard dans une liaison de réseau
WO2018214112A1 (fr) Procédé et système permettant de maintenir une adresse ip dans une liaison de réseau
WO2018227364A1 (fr) Procédé et système d'établissement de groupe de multidiffusion de terminal
WO2018039824A1 (fr) Procédé et système d'accumulation dynamique d'énergie pour panneau de cellules solaires
WO2018227370A1 (fr) Procédé et système de sélection de connexion de réseau de terminaux
WO2018214113A1 (fr) Procédé et système d'application d'adresses de réseau virtuel dans une liaison de réseau
WO2018214021A1 (fr) Procédé et système de partage de destination entre plateformes
WO2018214107A1 (fr) Procédé et système de détection de défaillance de liaison de réseau
WO2018227333A1 (fr) Procédé et un système de recommandation d'application de terminal basé sur le positionnement
WO2018214111A1 (fr) Procédé et système de maintenance à distance après une défaillance de liaison de réseau
WO2018214106A1 (fr) Procédé et système de mise à jour pour liste de connexions réseau
WO2018214110A1 (fr) Procédé et système de sélection de liaison sur la base d'un point d'accès
WO2018205273A1 (fr) Procédé et système de gestion de d'énergie d'un terminal intelligent

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17911335

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17911335

Country of ref document: EP

Kind code of ref document: A1