Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Dynamic TLS authentication method and device in local area network and storage medium

An authentication method and local area network technology, applied in the field of data security, can solve problems such as affecting user experience, inconvenient operation, and long issuance period.

Active Publication Date: 2021-01-22
北京翼辉信息技术有限公司
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Therefore, in the existing technology, enterprises generally issue self-signed certificates for private network IP addresses. The technical defects are: self-signed certificates require considerable professional knowledge, professional and technical personnel are required in the enterprise for configuration management, and issuance process management. And the issuing period is long, and the operation is inconvenient; more importantly, if the IP address of the web server changes, such as server migration, reconfiguration, etc., then a new security certificate needs to be issued to continue using TLS encrypted data connection, otherwise the IP address If it is inconsistent with the content of the certificate, the client will deny access. Issuing a new security certificate will cause service interruption and affect the user experience

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic TLS authentication method and device in local area network and storage medium
  • Dynamic TLS authentication method and device in local area network and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The application will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain related inventions, rather than to limit the invention. It should also be noted that, for the convenience of description, only the parts related to the related invention are shown in the drawings.

[0029] It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined with each other. The present application will be described in detail below with reference to the accompanying drawings and embodiments.

[0030] figure 1 It shows a dynamic TLS authentication method in a local area network of the present invention. The local area network referred to in the present invention is such as a local area network within a home or an enterprise, that is, the IP address used by each dev...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a dynamic TLS authentication method and device in a local area network, and a storage medium, and the method comprises a deployment step: signing and issuing an IP certificate for a web server based on a unified self-signing and issuing root certificate Root CA; an access step: enabling the web server to load a corresponding IP certificate, and enabling the client to establish a network connection based on a TLS to access the web server; and a re-signing and re-issuing step: when detecting that the IP address of the equipment port connected to the web server changes, theservice program automatically signs and issues a new IP certificate to the web server, and the service program and the web server do not need to be restarted during re-signing and re-issuing, so thatthe web service is not interrupted. According to the invention, self-signing and issuing CA root certificates of a local area network are unified, intermediate certificates are introduced, and the leakage risk of the root certificates is reduced; the port IP address change automatically triggers issuing and loading of the certificate, a system and a web server do not need to be restarted, serviceinterruption cannot be caused, the whole process is not perceived by a client, and the user experience is improved.

Description

technical field [0001] The invention relates to the technical field of data security, in particular to a dynamic TLS authentication method, device and storage medium in a local area network. Background technique [0002] Web services in intranet environments (local area networks) such as enterprises and families often use non-encrypted network connection communications, which have low security. However, according to the specification: 1. Public CAs will not issue security certificates for private IP address segments; 2. Enterprises can issue self-signed certificates for private IP addresses; 3. Because it is not a public CA, clients (such as browsers) The self-signed certificate cannot be trusted directly, and the client user needs to forcefully trust the self-signed certificate to continue using it. [0003] Effective November 1, 2015, the industry-standard CA / browser form used to manage Baseline Requirements (BR) and set up SSL certificate usage no longer allows publicly ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/0823H04L63/10H04L63/166H04L61/4511
Inventor 韩辉付同堂李强程永斌李平
Owner 北京翼辉信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com