Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A dynamic TLS authentication method, device and storage medium in a local area network

An authentication method and local area network technology, applied in the field of data security, which can solve the problems of long issuance period, inconvenient operation, and service interruption.

Active Publication Date: 2021-03-19
北京翼辉信息技术有限公司
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Therefore, in the existing technology, enterprises generally issue self-signed certificates for private network IP addresses. The technical defects are: self-signed certificates require considerable professional knowledge, professional and technical personnel are required in the enterprise for configuration management, and issuance process management. And the issuing period is long, and the operation is inconvenient; more importantly, if the IP address of the web server changes, such as server migration, reconfiguration, etc., then a new security certificate needs to be issued to continue using TLS encrypted data connection, otherwise the IP address If it is inconsistent with the content of the certificate, the client will deny access. Issuing a new security certificate will cause service interruption and affect the user experience

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A dynamic TLS authentication method, device and storage medium in a local area network
  • A dynamic TLS authentication method, device and storage medium in a local area network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The application will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain related inventions, rather than to limit the invention. It should also be noted that, for the convenience of description, only the parts related to the related invention are shown in the drawings.

[0029] It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined with each other. The present application will be described in detail below with reference to the accompanying drawings and embodiments.

[0030] figure 1 It shows a dynamic TLS authentication method in a local area network of the present invention. The local area network referred to in the present invention is such as a local area network within a home or an enterprise, that is, the IP address used by each dev...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a dynamic TLS authentication method, device and storage medium in a local area network. The method includes: a deployment step, issuing an IP certificate for a web server based on a unified self-issued root certificate Root CA; an accessing step, the web server loading For the corresponding IP certificate, the client establishes a network connection based on TLS to access the web server; the re-signing step, when detecting that the IP address of the device port connected to the web server changes, the service program is the web server Automatically issue a new IP certificate, and do not need to restart the service program and web server when re-issuing, so that the web service will not be interrupted. The invention unifies the self-signed CA root certificate of the local area network, introduces the intermediate certificate, and reduces the leakage risk of the root certificate; the change of the port IP address automatically triggers the issuance and loading of the certificate, without restarting the system and the web server, and will not cause service interruption. The whole process It is not perceived by the client, which improves the user experience.

Description

technical field [0001] The invention relates to the technical field of data security, in particular to a dynamic TLS authentication method, device and storage medium in a local area network. Background technique [0002] Web services in intranet environments (local area networks) such as enterprises and families often use non-encrypted network connection communications, which have low security. However, according to the specification: 1. Public CAs will not issue security certificates for private IP address segments; 2. Enterprises can issue self-signed certificates for private IP addresses; 3. Because it is not a public CA, clients (such as browsers) The self-signed certificate cannot be trusted directly, and the client user needs to forcefully trust the self-signed certificate to continue using it. [0003] Effective November 1, 2015, the industry-standard CA / browser form used to manage Baseline Requirements (BR) and set up SSL certificate usage no longer allows publicly ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/0823H04L63/10H04L63/166H04L61/4511
Inventor 韩辉付同堂李强程永斌李平
Owner 北京翼辉信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com