514results about How to "Avoid visiting" patented technology

The invention provides a method and a system for a mini-station to access cloud, and access management equipment. The method comprises the following steps of: receiving an access request message from the mini-station, wherein the access request message carries an Internet protocol (IP) address of the mini-station and a user account input by a user; acquiring first area position information corresponding to the IP address; acquiring second area position information corresponding to the user account; and if the first area position information is the same as the second area position information, allowing the accessing of the mini-station. The embodiment of the invention can realize area-based cloud accessing.

This invention utilizes the good architecture design presented by the latest Internet protocol IPv6, combines with safety domain name (DN) service, extends the existed ID verification system functions, realizes the bounding relation between the user ID and recent real IPv6 address to offer a reliable security service for the upper application. In the user management domain, there are a net access control server (NACS), an ID authentication server (IDAS) and a DN server. NACS recognizes the registered user via a 3-element group consisted of user computer source MAC address, the source IPv6 address and the port. IDAS authenticates the user ID recognition and defines related accessing priority. DN server establishes the positive-negative direction relations between user private DN and IPv6 address. This invention provides more effective ID authentication means and possesses a great extendable function to meet the requirement of the future Internet application development.

The invention provides a virtual machine memory mapping method and a system, wherein the method comprises step 1 of selecting a memory mapping method according to an application layer mapping request, and executing step 2 or step 3; step 2 of binding machine pages to be mapped of a virtual machine to be mapped and physical pages of a monitoring virtual machine, directly reading and writing corresponding memory corresponding to the mapped virtual machine, and executing step 4; step 3 of enabling the monitoring virtual machine to decompose a virtual address space into corresponding physical pages combined by a plurality of pages after the monitoring virtual machine processes unused physical memory in the physical memory, obtaining the machine pages to be mapped of the virtual machine to be mapped, carrying out corresponding processing after judgment, then binding the physical pages of the monitoring virtual machine and the machine pages to be mapped of the virtual machine to be mapped, and executing step 4; step 4 of releasing the memory of the monitoring virtual machine corresponding to the mapping memory of the virtual machine to be mapped after mapping, setting a mapping list from the machine pages of the monitoring virtual machine to the physical pages, and setting a corresponding item to be an invalid machine page.

The invention provides an SQL rewrite based database external encryption/decryption system and a usage method thereof. The system comprises an SQL rewrite main module, a statement parsing module, a grammatical rule management module, an encryption/decryption table management module, a rewrite execution module and a data encryption/decryption module. The method comprises the steps of executing a rewritten data sheet creation process, a rewritten data insertion process and a data query process. According to the system and the method, an SQL rewrite technology is used, and data are encrypted and decrypted outside a database system, so that encryption/decryption costs of the database system are avoided.

The embodiment of the invention discloses a strategy synchronization method, a system and a device. The method comprises that: a firewall receives an updating strategy message which is sent by a server; the firewall carries out the updating of a local strategy according to the updating strategy message, thereby realizing the strategy synchronization on the server. By adopting the embodiment of the invention, the dynamic synchronized firewall and ACL rules on the server can rapidly update role rules which are bound by a user terminal and the synchronization of more strategies and the switch of authorities of the user terminal can be rapidly realized without the manual configuration on the firewall.

An apparatus, system and method for controlling access to facilities based on usage class of a requestor are provided. With the apparatus, system and method, a two level protection mechanism is provided for protecting host channel adapter (HCA) facilities from unauthorized access. With the present invention, a first level of access is provided through virtual address translation and a mechanism for determining if the requestor of access may access a system memory address space page associated with a real address to which the virtual address maps. A second level of access is provided through the allocation of usage classes and determining a required usage class for accessing an HCA facility.

The present invention discloses a method and server of controlling multi-class access authorization of a linking account, including that: administrators adds accounts on the access server or remote dial user authentication server, sets plural groups of identification codes for the accounts, each of which reflects different access strategies; when the users request dialing-in identification, the access server compares the required identification information of the user with the account information if the dialing-in identification is local identification, and then Authorize the access strategy corresponding to the group of identification codes if the code of the required identification information is identical with the one of the code in the account of local account list. The invention supplies an access technical means, which not only confirm the web requirement of the adult but prevent the children accessing the bad information in the web. Only one account is needed for a family, so it is very economical.

The invention discloses a double-factor identity verification method based on intelligent equipment, which is used for solving the problems of inconvenient operation and low safety of user account numbers and network equipment caused by inputting account numbers and passwords during logging in a long-distance website in the prior art. The double-factor identity verification method based on the intelligent equipment comprises the following steps: establishing an active directory server, and guiding an AD (Active directory) account number list into the active directory server; establishing a configuration server, and managing and maintaining an organization identifying code of a user; binding a URL (Uniform Resource Locator) of an IDQ (internet data query) application server and the organization identifying code; and carrying out IDQ registration at a mobile phone terminal, verifying whether the organization identifying code and the AD account number are legal, if the organization identifying code and the AD account number are legal, registering successfully, otherwise, registering unsuccessfully; and visiting the equipment and a website by using a mobile phone. The double-factor identity verification method has the advantages that the mobile phone is used for scanning real-time alteration two-dimension codes generated by using a verification server so as to carry out login access of network resources, a conventional login manner of inputting the account numbers and the passwords by using a conventional keyboard is replaced, and the safety of the user account numbers and network equipment is greatly guaranteed.

The invention provides an encryption and decryption method and system of terminal data, and relates to encryption techniques in the field of data safety. The encryption and decryption method and system solves the problem that in the prior art, enterprise data stored on a mobile terminal have safety hidden risks. The encryption and decryption method includes the steps: a client receives a private secret key set by a terminal user, the private secrete key set by the terminal user is submitted to a server end, the server end produces a system secret key corresponding to the terminal user and stores the system secret key, when the terminal user carried out data encryption and decryption operations, the client submits the private secret key of the terminal user to the server end, the server end returns to the corresponding system secrete key after the private secrete key passes verification, and the client carries out encryption and decryption operations on data by means of the private secrete key and the corresponding system secrete key.

The invention discloses a system for realizing WAP mobile banking transaction security control and a method thereof. The system comprises a user terminal, a WEB server, a WAP portal server, a WAP transaction server and mobile communication operator system equipment, wherein, the WEB server is used for providing domain name address service and transferring a transaction request received from the user terminal to the WAP portal server; the WAP portal server is used for acquiring the mobile phone number of the user terminal, generating a mobile token according to operator mobile phone binding relations and sending the mobile token and the transaction request to the WAP transaction server; the WAP transaction server is used for verifying validity of the mobile token and checking whether user operator binding information is consistent with token information; the mobile communication operator system equipment is used for providing an interface to the WAP portal server and the WAP portal server acquires the mobile phone number by communicating with the mobile communication operator system equipment. By adopting the invention, the user can be prevented from visiting the WAP mobile banking by the internet, thereby effectively improving security of visiting the mobile banking.

The invention provides a distributed local DNS system and a domain name query method. The system comprises a local DNS service and a central DNS service which are deployed on a plurality of nodes. Theserver nodes corresponding to the local DNS service can provide domain name resolution service for the containers on the respective nodes, query response results in the nodes cache after receiving DNS query requests, and the response results are directly returned to the client if the response results are queried; and if the response results are not queried, the central DNS service is queried, soas to obtain the IP address corresponding to the DNS query request through the central DNS service and send the IP address to the client, thereby reducing the dependence of each service on the cloud platform on the platform centralized DNS system. According to the invention, the local DNS service can be automatically configured and automatically switched when a fault occurs, so that the influenceof the fault of the DNS system on the service can be alleviated, and the situation that the upper layer service accesses the basic DNS service across servers can be avoided.

The invention relates to a business processing method and device and a terminal and belongs to the technical field of communication. The method comprises receiving an access requirement sent by a first terminal; determining whether an application program has an access right according to application program information; obtaining first business data corresponding to the access requirement if the application program has the access right; encrypting the first business data and returning the encrypted first business data to the first terminal. By means of the method, the device and the terminal, the first business data to be processed are encrypted, the encrypted first business data are returned to the first terminal, and the first terminal complete businesses with a server through the encrypted first business data; access of unauthorized applications can be prevented, so that the business processing security is high; besides, remote businesses between the server can be processed, so that the business processing flexibility is high, and the effect is good.

Aiming at the problems in the prior art that when searching image data in a PACS system having a plurality of data, especially searching simultaneously in a plurality of image workstation, workload of a database server is sharply raised, system speed is declined, and the overall cost is added, the invention provides a caching technology based medical image database searching method, which comprises: after receiving an initial searching request, searching firstly in a local caching list; sending final searching request to the database server if not searching it, transmitting it to a local image workstation if the database server searches it, reporting the searching result to the local image workstation if not searching it in the database server. By using the method, the image data searching speed is quickened, the workload of the database server is lightened, and the working efficiency of the PACS system is improved. The invention also provides a a caching technology based medical image database searching system, which is used for guaranteeing implementation and application of the method in actual system.

The invention discloses an identity authentication method and device. The method is applied to a server of an identity authentication system, and comprises the following steps: performing identity registration according to user identity information and equipment identity information in an identity registration request, equipment integrity information reflecting an equipment operation state and thelike, and binding equipment and a user through identity registration to generate an authentication certificate; when a system access request exists, authenticating identities of a user and equipmentand equipment operation state information and realizing multi-level identity authentication; further, formulating multi-level and multi-combination access control strategy through comprehensively authenticating the identity and the equipment state, thus the network system safety is effectively increased. In the identity authentication method, the user identity is authenticated based on the multi-factor technology, the equipment identity is authenticated based on trusted computing, and the equipment integrity is authenticated, so that a zero-trust identity authentication system is realized, andthe security of the network system is effectively improved.

The invention discloses a resource access method of an Android system, and belongs to the technical field of a mobile system. The resource access method of the Android system aims at solving the technical problem that in the existing Android system, the security and the completeness of resources of a user can be threatened. The resource access method of the Android system comprises the following steps of: sequentially performing DAC (Discretionary Access Control) permission checking and MAC (Mandatory Access Control) permission checking on a resource accessing process; if the process passes the DAC permission checking and the MAC permission checking, obtaining a security label of the process and a security label of the resources; matching the security label of the process and the security label of the resources; and if the security label of the process and the security label of the resources are matched, allowing the process to access the resources.

The invention discloses an anti-virus method based on household gateway and a device thereof, which are used for solving technical problems, such as high requirements, complex installation and configuration and the like, of single-machine virus and anti-attack software. The invention employs resource of household gateway and uses a method which captures key information of contents accessed by users and inquires a security server, so as to prevent users from accessing network stations with viruses and hostile attacks, thereby improving safety of household network. The anti-virus method also avoids problems caused by direct installation of a firewall software on a user PC.

The invention discloses a safety access method and system based on a fire wall policy, and relates to the technical field of computer information security. According to the safety access method and system, configuration problems and dangerousness of the fire wall policy because of habits or unexpected errors of managers can be avoided through the dynamic open configuration according to needs. Furthermore, after equipment is accessed according to needs, a fire wall can close service access states according to fire wall poly instructions, and therefore the equipment can be effectively protected against external accesses and invasions which do not accord with service protocols. Through the dynamic starting-stopping configuration of the fire wall policy, the service protocols of the fire wall are started and stopped, manual operation of the managers is reduced, and therefore losses caused by operation errors can be avoided. A one-to-one safe configuration method between the fire wall safety policy and the equipment is achieved according to network safety check each time, access needs can form an access period, a safe closed ring from access needs to access to access stop is formed, and therefore the target equipment can be effectively protected against network threats in real time.

A method for correcting the settings of a flow cytometer, designed for fast sample handling and counting, allowing about 500 samples per hour to be counted. The counting is based on the provision of data representing a PHA diagram (Pulse Height Analysis) of registered pulses, each indicating a passed cell or particle. To check the settings the user measures a standard sample of uniform microbeads 161 on the flow cytometer, and inserts information on a disk 162 in a computer arranged to process the measured data and to calculate: a plurality of particle counts on the same sample, a mean count, a standard deviation s and/or Coefficient of Variation CV, a signal mean value SM, a signal width (width of the bell-curve in the PHA-diagram). The parameters are compared to pre-set limits (165, 166, 167, 168) and the PHAS curve is compared to an ideal curve PHA0. A user help program for adjusting the flow cytometer is arranged to display typical symptoms on a computer screen, to indicate the possible defects and to recommend actions to remedy the problems, based on information in a library stored in the computer. Thereby a visit by a service engineer can often be avoided.

The invention discloses a message processing method and system. The method includes the steps that message receiving and sending data in a terminal are monitored, and the number of a message sender is acquired; when the number of the message sender is an unknown number, the content of a message is acquired; the content of the message is analyzed, and keywords in the content of the message are acquired; if the keywords in the content of the message meet a preset interception policy, at least part of the keywords in the content of the message are concealed; the message with the concealed keywords in the content of the message is loaded into message application on the side of the terminal, and/or risk prompt information is displayed. Through the message processing method and system, the problems about how to improve accuracy of information judgment and prevent a user from having access to false and fraud information are solved.