Access control method and device and gateway

An access control and gateway technology, applied in the direction of network connection, data exchange network, digital transmission system, etc., can solve the problem of transparent proxy consumption of system computing resources

Pending Publication Date: 2020-10-30
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Related technologies obtain communication data through a transparent proxy to control access to https traffic data, but the transparent proxy consumes a large amount of system computing resources

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control method and device and gateway
  • Access control method and device and gateway
  • Access control method and device and gateway

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.

[0026] It should be noted that like numerals and letters denote similar items in the following figures, therefore, once an item is defined in one figure, it does not require further definition and explanation in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second" and the like are only used to distinguish descriptions, and cannot be understood as indicating or implying relative importance.

[0027] Some embodiments of the present application can solve the problem of implementing application-based access control on encrypted traffic without transparent proxying in the https environment. For example, in some embodiments of the present application, before the terminal accesses the server, the domain name system DNS (Domain Name System) request messag...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides an access control method and device, and the method comprises the steps: receiving flow data which comprises a message packaged through an https protocol; determining an application category according to a destination IP address (i.e., an Internet protocol address) obtained based on the message, the application category comprising news, entertainment or music; and determining to block or release the flow data according to an access control rule and the application category. According to some embodiments of the invention, the application type is determined through the obtained destination IP address of the message data based on the https protocol so as to carry out access control based on the application type; compared with a related mode of controlling the access flow based on the application type, the resource consumption of access control equipment such as a gateway or a firewall is effectively reduced, and the processing speed is improved.

Description

technical field [0001] The present application relates to the field of security access control, and specifically, the embodiments of the present application relate to an access control method, device and gateway. Background technique [0002] There are more and more network attacks, and a large number of network security devices have been developed and applied to the actual environment. Due to the variety of current applications and the popularity of the network, access control based on applications in the https (Hyper Text Transfer Protocol over Secure Socket Layer) environment There are more and more cases of strategy, but the solutions are more limited. [0003] As high-performance security gateways become more and more common, and there are more and more https environments, this problem is becoming more and more prominent. Related technologies obtain communication data through a transparent proxy to perform access control on https traffic data, but the transparent proxy...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/12H04L12/859H04L29/08H04L12/66H04L47/2475
CPCH04L63/0236H04L63/0263H04L47/2475H04L67/02H04L12/66H04L61/4511
Inventor 范鸿雷
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products