Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security certificate gateway

A security authentication gateway and gateway technology, which is applied in the field of gateways to improve network security, can solve problems such as inability to parse user information, reduce processing efficiency, and occupation, and achieve the effects of data transmission, secure transmission and identity authentication

Inactive Publication Date: 2011-06-29
KOAL SOFTWARE CO LTD
View PDF1 Cites 34 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] 1. The application cannot obtain the digital certificate information of the accessing user: the general SSL connection can only provide verification of the user's certificate and encrypt the transmitted data, but cannot parse user information (username, ID card, user unit, etc.) from the digital certificate ), so the application cannot perform more subtle identity authentication or secondary development on the user based on the certificate information
[0008] 2. There is no effective log record and audit function for the accessed users, access time, accessed client IP, accessed resources, etc.
[0009] 3. The general SSL secure connection service and the application itself are installed on the same server. Because the encryption and decryption operations of the SSL secure connection service itself occupy a large amount of server CPU resources, the CPU resources for the application itself are insufficient, resulting in processing The efficiency is greatly reduced
[0010] 4. Single protection for HTTP: Due to the limitations of the SSL protocol, general SSL can only transform HTTP into HTTPS, but is invalid for other TCP / IP protocols, that is, it can only be applied to B / S architecture and cannot Network transmission applied to C / S architecture

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security certificate gateway
  • Security certificate gateway
  • Security certificate gateway

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] In order to make the technical means, creative features, goals and effects achieved by the present invention easy to understand, the present invention will be further described below in conjunction with specific illustrations.

[0030] see figure 1 As shown in the security authentication gateway, the gateway mainly includes two parts: client and server.

[0031] The client includes a client password module and a client service module; and the server includes a server service module and a server password module.

[0032] The client service module acts as an agent of the application client (including the browser), and interacts with the server service module to establish an encrypted connection.

[0033] As a certificate storage medium and algorithm provider, the client cryptographic module is called by the client business module to complete corresponding certificate operations and cryptographic operations.

[0034] The server adopts the hardware gateway method. The ser...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security certificate gateway, comprising a client crypto module, a client business module, a service business module and a service crypto module, wherein the client business module is used as an agent of an application client and used for calling the client crypto module and the service business module interactively to build an encrypted connection; and the service business module is used for calling the service crypto module and the service business module to build a secure encrypted channel. Based on the high-strength identity authentication service, the high-strength data link encryption service and the digital signature and authentication service of a digital certificate, the gateway provided by the invention effectively protects secure access of network resources, and supports B / S applications of a hypertext transport protocol (HTTP) and hypertext transfer protocol secure (HTTPS) as well as common C / S applications of a file transfer protocol (FTP), a remote desktop and the like.

Description

Technical field: [0001] The invention relates to a network security technology, in particular to a gateway for improving network security. Background technique: [0002] With the rapid development of the network, network applications have been widely used due to their high efficiency and convenience, such as online securities, online banking, e-government, e-commerce, corporate remote office, etc. More and more important businesses are handled online, and more and more important information is transmitted in the network. How to protect the safe access of these important resources and the safe transfer of important data are important issues faced by network applications, but the usual network applications There are the following security risks: [0003] There is no effective identity authentication mechanism: the weak authentication method of user name + password is generally adopted. This mode of authenticating users has great hidden dangers, which are specifically manifest...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/66H04L29/06H04L29/08
Inventor 韩洪慧吴一博
Owner KOAL SOFTWARE CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products