A dual-network security synchronization system and method based on ssh

A synchronization system and secure technology, applied in the field of data transmission, to achieve the effect of reducing load dependence, safe and efficient file synchronization

Active Publication Date: 2022-03-29
CHENGDU DBAPP SECURITY
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

While relevant personnel are connected to the intranet for work, they sometimes need to obtain data from the external network. If the internal and external networks do not implement corresponding isolation control, the demand cannot be well met

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A dual-network security synchronization system and method based on ssh
  • A dual-network security synchronization system and method based on ssh
  • A dual-network security synchronization system and method based on ssh

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] A dual-network security synchronization system based on SSH, such as figure 1 As shown, the following modules are included:

[0033] Source storage module: access to front-end storage, provide source storage type and storage directory range selection.

[0034] Synchronization control module: responsible for establishing a connection to the protocol proxy module through the SSH protocol, and checking the file changes of the synchronization source storage module through file increments.

[0035] Protocol agent module: responsible for establishing and maintaining the SSH two-way connection channel, and realizing the control and forwarding of the synchronously executed protocol content.

[0036] File audit module: analyze and restore the content synchronized in the protocol, load file attribute detection, sensitive content detection, anti-virus detection and other audit identification.

[0037] Transmission control module: Control the abnormal files detected by the file a...

Embodiment 2

[0041] An SSH-based double-network security synchronization method is carried out in the above-mentioned system, such as Figure 4 As shown, including the data synchronization phase:

[0042] 1. According to the data synchronization task, the synchronization control module uses the SSH exec channel to send the remote file copy command, opens a new data transmission channel and sends the traffic data including the file content to the protocol agent module.

[0043] 2. The protocol proxy module quickly detects the traffic data of the received file content by stream mode hash matching, and performs a shared cache. If the data that has been successfully matched in the hash table uses the SSH exec channel to open a new data transmission channel, it will The data is forwarded to the synchronous receiving module.

[0044] 3. If it is unmatched data in the hash table, send the file information that cannot be judged to the file audit module, and wait for the processing result.

[004...

Embodiment 3

[0053] This embodiment is optimized on the basis of embodiment 1 or 2, as figure 2 As shown, the initialization phase is also included:

[0054] 1. Add and set front-end storage such as local file systems, remote file systems, and distributed storage object storage systems that need to be synchronized through the source storage module in the external network. The source storage module obtains files based on common file system formats for front-end storage and target list. The source storage module deploys multiple front-end storages connected to different locations at the same time to unify network access differences and realize unified adaptation of different heterogeneous environments.

[0055] 2. Set the connection address of the protocol agent module in the external network through the synchronization control module, authenticate and establish a connection with the protocol agent module through the SSH protocol.

[0056] 3. Add and set the target storage module in the i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an SSH-based dual-network security synchronization system and method. The system includes a sequentially connected source storage module, a synchronization control module, a protocol proxy module, a synchronization receiving module, a destination storage module, a file audit module, and a transmission control module. module; the protocol proxy module, file audit module, and transmission control module are sequentially closed-loop connected. The invention restores the contents of the files in the protocol channel through the agent of the SSH protocol, and analyzes the sensitive information and virus characteristics of the files, so as to control and maintain the range of asynchronous files. The present invention is based on the SSH protocol agent, compares and synchronizes file information between the internal and external networks, and restores and analyzes file data in the protocol to achieve control and audit effects. The invention controls and maintains the range of asynchronous files by analyzing sensitive information of files and virus characteristics, and realizes safe and efficient file synchronization in an isolated environment of internal and external networks.

Description

technical field [0001] The invention belongs to the technical field of data transmission, and in particular relates to an SSH-based dual-network security synchronization system and method. Background technique [0002] With the advent of the Internet era, the rapid development of network information technology has completely subverted the traditional office model, and the greatly improved work efficiency makes it impossible for us to leave the network. But at the same time, we are also facing increasingly serious security threats from the network, such as network data thieves, hacker attacks, virus publishers, and even leakers inside the system. Information security has become the primary issue in the informatization construction of the government, military, and large enterprises. The information security and application of the isolated network has always been a big problem that plagues and hinders the informatization of government agencies. How to synchronize and share dat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L67/1095H04L67/566H04L67/568G06F21/56
CPCH04L63/0281H04L63/0227H04L63/145H04L63/08H04L67/1095G06F21/56H04L67/566H04L67/568
Inventor 姜毅范渊吴永越郑学新刘韬
Owner CHENGDU DBAPP SECURITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap