105results about How to "Avoid malicious access" patented technology

The invention relates to a network access controlling method based on network access device port: according to message address information, configuring the processing mode of message passing through the network access device; obtaining the address information of the massage and processing the message according to the obtained address information and corresponding configuration information. It binds user-source MAC address and source IP address with the corresponding port and binds exchanger-supported VLAN ID and the member corresponding to the VLAN ID, thus effectively preventing the illegal user which uses counterfeit source MAC address, source IP address and VLAN ID from viciously accessing or attacking the network. It also makes access limitations on the message entering in the network through the network access device port in view of the destination address of the message, including the network access control of broadcast message, unicast message, multicast message, the message transmitted to the server and the message with specific destination MAC address, and effectively prevents legal user from viciously attacking the network by counterfeiting some destination MAC addresses.

The invention discloses a method and a device for processing privacy data in mobile equipment. The method comprises the steps that when the mobile equipment is connected to a computer, a first identity logged in on a mobile equipment side and a second identity logged in on a computer side are acquired; whether the first identity and the second identity are associated is judged; if so, an entry of a privacy space is displayed on the mobile equipment side; the privacy space is a disk storage space encrypted by a coded lock; when a request accessing the privacy space via the entry is received, the coded lock is displayed on the mobile equipment side; and when decryption information corresponding to the coded lock is received, data in the privacy space is displayed on the mobile equipment side. The method and the device can effectively avoid malicious privacy space access, so that the security of privacy information of a user can be ensured effectively.

The invention provides an isolation method and an isolation device for an application program. The method comprises steps as follows: when a to-be-isolated application program stored in a storage path in a non-isolation region is detected, the storage path of application data of the to-be-isolated application program is modified to be a storage path in an isolation region; the access right of the application data in the storage path in the isolation region is modified, and only the application program has the access right to the application data. According to the technical scheme, the application data of the application program which needs to be protected are independently stored in the isolation region, so that only the isolated application program in the isolation region has the access right to the application data, and any application program outside the isolation region has no access right to the application data of the isolated application program in the isolation region; the probability that a malicious application program in the non-isolation region has access to private data of a user in the application data of the isolated application program is avoided; the safety of the isolated application program and the data safety and the property safety of a user are protected better.

The invention discloses a micro-power consumption control method of motion monitoring and tracking equipment. A hardware energy consumption management and control part and a software energy consumption dynamic strategy part are combined; in the hardware energy consumption management and control part, by adopting control CPU frequency reduction and IO configuration, embedded secondary development of a communication CPU module, and complete isolation between the communication CPU module and a power supply, a dormant current of a whole machine is enabled to be smaller than 5 [mu]A; and in the software energy consumption dynamic strategy part, after a remote background server receives reported data of a terminal, according to parameters of the terminal, a terminal energy consumption managementand control strategy is formulated and sent to the terminal for execution. By controlling the power consumption of the whole machine, during the dormant period, the working current of the whole machine is less than 5 [mu]A; and in the tracking period, the communication CPU module works and performs data interaction with the remote server, the power consumption of the whole machine is less than 80mA, and when the communication CPU module is dormant in the tracking period, the power consumption of the whole machine is less than 1 mA.

The invention discloses a method for running uncontrollable third-party codes safely by using of technologies of a custom classloader provided by a Java virtual computer (JVM). Local modules and classes which are available in third-party codes are controlled, so that access to external resources can be effectively limited, and simultaneously, a plurality of third-party codes which operates at the same time can be isolated. The invention also provides a method for accessing local resources transparently in a controllable mode in third-party codes.

The embodiment of the application discloses a method for preventing session hijacking, a server and a terminal, which are used for preventing an attacker from maliciously acquiring identity authentication information between the terminal and the server, and improving the session information security level between the terminal and the server. The method according to one embodiment of the inventionincludes: automatically creating a session identifier by the server, randomly creating value of the token as a unique identifier, and constantly changing the value of the token, then, inputting the dynamic value into the data packets used for information exchange between the server and the terminal, and encrypting the data packets in an encrypted manner, so that the information security of the information exchange between the terminal and the server is doubly protected.

The invention discloses a cloud platform access method and a cloud platform access device, wherein the cloud platform access method comprises the following steps that under the condition of requesting to access a cloud platform, access marks are generated according to the request parameters of users; the access marks are sent to the cloud platform, and are verified according to the pre-stored user information corresponding to each user; under the condition that the access marks pass the verification, the users are allowed to access the cloud platform. The cloud platform access method and the cloud platform access device have the advantages that access marks are generated according to the request parameters of the users, in addition, the access marks are verified through the pre-stored user information, and the effect of allowing the users to access the cloud platform only under the condition that the access marks pass the verification is ensured, so the safety mechanism of the cloud platform is effectively improved, the malignant access of illegal users to the cloud platform is avoided, and the resource waste of the cloud platform is reduced.

The invention relates to the technical field of the Internet, in particular to a page access method and a device, a server and a page access system, the method comprises the following steps: acquiringa page login request sent by a terminal, the page login request carrying a login identifier and channel side information; when the channel party information is matched with preset channel comparisoninformation, obtaining at least one preset login comparison identifier belonging to the channel party information; and when the login identifier is matched with the login comparison identifier, sending page data to the terminal according to the page login request, thereby enabling the terminal to present a product page according to the page data. On one hand, the method can prevent an illegal channel party from maliciously accessing the server, so that the influence on the running efficiency of the server is reduced; and on the other hand, since the channel side supports multiple login modes,the method can broaden the traffic entry, and can also open the user to access the product page when the login identifier is matched with the login comparison identifier, thereby reducing the risk ofslowing down the operation efficiency due to malicious access.

The invention discloses a method for ranking the searching results according to the cost per impressions, cost per clicks. The method comprises: sustaining a database, in each account of information releaser having account balance item and at least one searching list; in each searching list having released information, at least one searching keyword and corresponding changeable cost per impressions value; the value of cost per impression can be set by setting cost per one click, and the database ranking with descending order according to searching keyword and cost per impression; after receiving searching request, confirming effective searching list that matches with the searching request; according to the pre-set website format, synthesizing the released information to be searching result page with specific order; reducing corresponding account balance with cost per impression or cost per click, taking a statistic of clicking rate and redirecting to the released website.

The invention discloses intelligent mobile storage equipment and relates to the technical field of mobile storage. The equipment comprises a control processing unit, a storage unit and a data transmission interface, wherein the control processing unit consists of a data transmission protocol and a control protocol which are mutually connected, and is provided with an independent main control chip and an independent and integrated on-chip operation system; the storage unit is mutually connected with the control processing unit and stores programs, data and information; and the data transmission interface is mutually connected with the data transmission protocol of the control processing unit and is an interface for the intelligent mobile storage equipment to communicate with external equipment. By embedding the on-chip operation system into the mobile storage equipment, malicious access to the mobile storage equipment by a computer and other external equipment can be effectively prevented, so the intelligent mobile storage equipment has high safety and independency.

The present invention relates to a method for access control of a multimedia system to a secure operating system and a mobile terminal for implementing the method. The method includes the steps of: initiating an application access request for selecting a trusted application from a client application of a multimedia system to a secure operating system; making a decision as to whether the client application is a malicious application, and if not, proceeding to a next step, if yes, returning Selection Failure to the client application and performing an interrupt handling; sending the application access request from the multimedia system to the secure system; and acquiring, at the secure operating system, the trusted application based on the application access request and returning the trusted application to the multimedia system. The malicious accesses initiated by a malicious application to a trusted application in a securing operating system can be prevented without switching between systems, and the problem that a trusted application cannot be accessed due to malicious access can be avoided.

The application discloses a safe data transmission method which comprises the following steps: generating a unique identifier corresponding to a mobile client on the mobile client; encrypting the unique identifier using the public key of a server to generate an identifying string; encapsulating the identifying string according to the message format; performing secondary encryption of the encapsulated identifying string and sending the encrypted identifying string to the server; obtaining the identifying string sent by the mobile client by the server, and decrypting the identifying string to obtain the first unique identifier; obtaining the program information of the mobile client by the server to generate unique identifier corresponding to the mobile client; and comparing the first unique identifier with the unique identifier corresponding to the mobile client, wherein if the comparison result indicates consistency, the verification is passed, the server generates a dynamic 3DES encryption key and a dynamic 3DES decryption key, encapsulates in a response message and returns to the mobile client.

The invention provides a parameter sending method of a storage chip of an imaging box, the storage chip and the imaging box. The method comprises the following steps of receiving an instruction sent by printing imaging equipment, and sending a key parameter to the printing imaging equipment when the instruction is judged as the key parameter reading instruction, wherein the key parameter is generated by the storage chip. The parameter needing to be read by the printing imaging equipment is generated by the storage chip, when the printing imaging equipment sends the reading instruction, the parameter generated by the storage chip is sent to the printing imaging equipment, the parameter cannot be directly read by the printing imaging equipment at any time, and therefore certain important parameters in the storage chip can be prevented from being obtained maliciously. Furthermore, a compatible manufacturer or an original manufacturer of the storage chip does not need to store the complete and specific parameter in the storage chip, a competitor can be prevented from directly reading the storage chip and obtaining certain important parameters, and therefore certain important parameters in the storage chip can be protected.

The invention discloses terminal equipment and a configuration method thereof. The configuration method comprises that: when the terminal equipment is powered up and started, a processing unit of the terminal equipment executes an initial part BIOS command to initialize a communication port and wait for receiving Tag information; and after the communication port is initialized, an RFID transmission unit reads the Tag information in a valid range and transmits the Tag information to the processing unit of the terminal equipment, and the processing unit of the terminal equipment executes a corresponding rear part BIOS command according to the Tag information for configuration. The method implements hardware configuration and operation authority setting on the terminal equipment in an RFID mode, meets the requirement that different users in an industrial field have different operation authorities on the same terminal equipment and the requirement that different operation modes have different hardware configurations, fully shows the characteristics of no influence of environment, hard damage, low cost, and intensified security of the system.

The invention discloses an SGX-based program control flow obfuscation method and system, and the method comprises the steps: hiding the definitions of variables in all branch statement conditions in an original program, and enabling the variables to be called hidden variables; converting all program statements including the hidden variable to hide the hidden variable, and obtaining a conversion program and a control flow matrix; T; sending the conversion program and the control flow matrix are sent to a remote computing unit, the conversion program is stored in an untrusted environment of theremote computing unit, and the control flow matrix is stored in a trusted environment SGX Enclave of the remote computing unit; and executing the conversion program in the remote computing unit basedon the control flow matrix. According to the method, a program transformation technology and an Intel software protection expansion technology are combined, conditions of each branch statement are converted, the branch statements are evaluated and moved to an opaque and credible hardware execution environment, and therefore high control flow confidentiality is guaranteed.

A system and method for controlling access to an applet is provided. According to the applet access control method, when an application requests a management program for access to an applet stored in an SE, the management program controls access of the application to the requested applet. Accordingly, since an application that has no access right is prohibited from accessing an applet, security for information stored in the applets can be increased.

The invention discloses a data storage method and device, a storage medium and computer equipment. The method comprises the following steps: obtaining a drive of a disk; encrypting the disk accordingto a preset disk encryption rule to obtain an encrypted disk; according to the service type of the to-be-stored data and pre-stored mounting information, determining a drive of an encrypted disk corresponding to the to-be-stored data, and mounting the encrypted disk according to the drive of the encrypted disk, the prediction mounting information storing a mapping relation between the service typeand the drive of the encrypted disk; and loading the to-be-stored data into the encrypted disk of the corresponding drive letter, encrypting the loaded data, and storing the encrypted data in the encrypted disk. According to the method and the device, partition encryption processing is performed on the disk partitions, and partition service data encryption processing is performed on the data stored in each disk partition, so that the security of the service data and the storage platform is improved.