Unlock instant, AI-driven research and patent intelligence for your innovation.

Secure communication control method

A technology of secure communication and control method, which is applied in the field of trusted computing and network communication, and can solve problems such as inability to communicate security control.

Inactive Publication Date: 2016-01-27
PLA PEOPLES LIBERATION ARMY OF CHINA STRATEGIC SUPPORT FORCE AEROSPACE ENG UNIV +1
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, technologies such as intrusion detection and virus protection can only detect whether the information received by the terminal contains viruses or Trojan horses, but cannot control the security of communication between different network domains, and the terminal may send information, and may also receive information from terminals in domains that do not have access rights

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Secure communication control method
  • Secure communication control method
  • Secure communication control method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0054] see figure 1 , the embodiment of the present invention provides a secure communication control method. The method specifically includes the following steps:

[0055] Step 101: the management center sends the terminal security policy file to the trusted terminal, and sends the gateway security policy file to the trusted gateway;

[0056] The above-mentioned terminal security policy file includes a label configuration table, a multicast key table, an access control table and a security domain related table. The above-mentioned gateway security policy file includes an exception device list, a signature verification policy table and a security domain multicast key table.

[0057] Step 102: the trusted terminal receives the terminal security policy file sent by the management center, and performs security control on the data packets passing through the trusted terminal according to the terminal security policy file;

[0058] The trusted terminal intercepts the data packet...

Embodiment 2

[0063] see Figure 2A , the embodiment of the present invention provides a secure communication control method. In the embodiment of the present invention, the trusted terminals and trusted gateways in the network are uniformly managed by the management center, and different network domains can be formed by multiple trusted terminals and multiple trusted gateways. The secure communication between different network domains can be realized through the secure communication control method provided by the embodiment of the present invention. The method specifically includes the following steps:

[0064] Wherein, before performing security control on communications between network domains, the initial configuration of trusted terminals and trusted gateways is firstly completed through the following steps 201-204.

[0065] Step 201: The management center generates a terminal security policy file, and sends the terminal security policy file to the trusted terminal. The terminal secu...

Embodiment 3

[0148] see image 3 , the embodiment of the present invention provides a secure communication control system, the system specifically includes: a management center 301, a trusted terminal 302 and a trusted gateway 303; since the trusted terminal 302 and the trusted terminal 303 also perform data communication, image 3 The communication link between the two is marked with a dotted line.

[0149] The management center 301 is configured to send the terminal security policy file to the trusted terminal 302, and send the gateway security policy file to the trusted gateway 303; receive the terminal security log sent by the trusted terminal 302, and receive the gateway security log sent by the trusted gateway 303; The log is to perform security monitoring on the trusted terminal 302 and the trusted gateway 303 respectively according to the terminal security log and the gateway security log.

[0150]The trusted terminal 302 is used to receive the terminal security policy file sent b...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a secure communication control method, wherein a management centre sends a terminal security policy file to a trusted terminal and sends a gateway security policy file to a trusted gateway; the trusted terminal performs security control of data packets flowing in and out of the trusted terminal according to the terminal security policy file; and the trusted gateway performs security control of data packets flowing in and out of the trusted gateway according to the gateway security policy file. Because both the trusted terminal and the trusted gateway perform corresponding security detection and processing of the data packets flowing in and out, the data packets are prevented from being maliciously tampered; illegal access between network domains in networks can be avoided; and thus, secure communication between different network domains is realized.

Description

technical field [0001] The invention relates to the fields of trusted computing and network communication, and in particular to a secure communication control method. Background technique [0002] With the development of information technology, network communication security has become an important issue restricting the development of information. How to ensure the security of network interconnection and realize the secure communication between devices in the network has become an urgent problem to be solved. [0003] At present, the terminal in the network mainly uses technologies such as intrusion detection and virus protection to perform security detection on the information received by itself, and to check for malicious attacks and illegal information, so as to ensure the security of network communication. [0004] However, technologies such as intrusion detection and virus protection can only detect whether the information received by the terminal contains viruses or T...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/10H04L63/20
Inventor 王宇王飞孙鸿鹏吴忠望韩伟杰李晋丽
Owner PLA PEOPLES LIBERATION ARMY OF CHINA STRATEGIC SUPPORT FORCE AEROSPACE ENG UNIV