Nothing Special   »   [go: up one dir, main page]

CN109040069A - A kind of dissemination method, delivery system and the access method of cloud application program - Google Patents

A kind of dissemination method, delivery system and the access method of cloud application program Download PDF

Info

Publication number
CN109040069A
CN109040069A CN201810882900.1A CN201810882900A CN109040069A CN 109040069 A CN109040069 A CN 109040069A CN 201810882900 A CN201810882900 A CN 201810882900A CN 109040069 A CN109040069 A CN 109040069A
Authority
CN
China
Prior art keywords
application program
domain name
access
safety container
cloud application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810882900.1A
Other languages
Chinese (zh)
Other versions
CN109040069B (en
Inventor
杨正权
张沂
王进才
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Yi'an Networking Technology Co Ltd
Original Assignee
Jiangsu Yi'an Networking Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Yi'an Networking Technology Co Ltd filed Critical Jiangsu Yi'an Networking Technology Co Ltd
Priority to CN201810882900.1A priority Critical patent/CN109040069B/en
Publication of CN109040069A publication Critical patent/CN109040069A/en
Application granted granted Critical
Publication of CN109040069B publication Critical patent/CN109040069B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention discloses dissemination method, delivery system and the access method of a kind of cloud application program.The dissemination method and delivery system of cloud application program provided by the invention; server establishes safety container beyond the clouds; cloud application program is deployed in safety container; externally only issue an address and port; numerous applications are protected by safety container; the risk that cloud application program itself is attacked is greatly reduced, the safety of cloud application program is improved.The access method of cloud application program provided by the invention, when outer net client accesses different cloud application programs, it is parsed by the proxy server inside safety container and forwards request, outer net client may have access to different cloud application programs by a proxy server, also it solves application safety problem of the user in access cloud application program process, improves the safety of the user of access cloud application program.

Description

A kind of dissemination method, delivery system and the access method of cloud application program
Technical field
The present invention relates to application domain, more particularly to a kind of dissemination method of cloud application program, delivery system and Access method.
Background technique
Currently, Cloud Server is for a user, only the simple server-side by multiple applications is deployed in Cloud Server On.As shown in Figure 1, the application programs itself such as operation system A, operation system B, operation system C are individually disposed on the server, it is right The address of outer publication is also relatively independent.When user accesses, the request of transmission includes the address of destination application and use Name in an account book and password are parsed and are handled to request by application program itself, are communicated to establish with user, and user's access is reached Target.
As it can be seen that existing technical solution for cloud application service take be it is independent deployment, Stand-alone distribution mode, and And outermost protection is itself for application program.Different users is accessed different by different addresses A possibility that application program, not only application program is under attack in this way, is very big, and there is also very when accessing cloud application program by user Big security risk.
Therefore, the safety of user, becomes this when how to improve the safety and access cloud application program of cloud application program The technical issues of field technical staff's urgent need to resolve.
Summary of the invention
The object of the present invention is to provide dissemination method, delivery system and the access methods of a kind of cloud application program, can not only The risk that cloud application program itself is attacked enough is substantially reduced, the safety of cloud application program is improved, but also can solve user Application safety problem in access cloud application program process improves the safety of the user of access cloud application program.
To achieve the above object, the present invention provides following schemes:
A kind of dissemination method of cloud application program, the dissemination method include:
Server establishes safety container beyond the clouds, includes authentication center, proxy server and use inside the safety container Each application program at family, the safety container include a logic interfacing, wherein the authentication center is for the opposite generation Manage the outer net client progress authentication that server sends authentication request;
Configure title, domain name addresses and the agreement of each application program;
It is encrypted using domain name addresses of the encryption method to each application program, obtains each application program Encryption domain name, the outer net client passes through the corresponding application program of the encryption domain name access.
Optionally, described to be encrypted using domain name addresses of the encryption method to each application program, it specifically includes:
It is encrypted using domain name addresses of the Hash encryption method to each application program, obtains each application The Hash of program encrypts domain name.
A kind of delivery system of cloud application program, the delivery system include:
Safety container establishes module, establishes safety container for server beyond the clouds, includes recognizing inside the safety container Card center, proxy server and user each application program, the safety container include a logic interfacing, wherein it is described Outer net client of the authentication center for the opposite proxy server to send authentication request carries out authentication;
Level of application configuration module, for configuring title, domain name addresses and the agreement of each application program;
Domain name encrypting module is obtained for being encrypted using encryption method to the domain name addresses of each application program The encryption domain name of each application program is obtained, the outer net client applies journey by the way that the encryption domain name access is corresponding Sequence.
Optionally, domain name encrypting module using Hash encryption method to the domain name addresses of each application program into Row encryption, the Hash for obtaining each application program encrypt domain name.
A kind of access method of cloud application program, the access method is for accessing according to any one of claim 3-4 institute The delivery system stated, the access method include:
Outer net client sends authentication request to proxy server by the logic interfacing of safety container;
The authentication request is sent to authentication center and carries out authentication by the proxy server;
The proxy server is returned by the logic interfacing of the safety container to the outer net client after authenticating successfully Return authentication information;
The proxy server obtains the request that the outer net client is sent by the logic interfacing of the safety container Data packet parses the request data package, and according to the result of parsing by the request data package of the outer net client It is sent to corresponding application program.
Optionally, the outer net client is B/S framework applications access client or C/S framework applications access client.
The specific embodiment provided according to the present invention, the invention discloses following technical effects:
The dissemination method and delivery system of cloud application program provided by the invention, server establishes safety container beyond the clouds, Cloud application program is deployed in safety container, an address and port are externally only issued, by safety container by numerous applications It protects, greatly reduces the risk that cloud application program itself is attacked, improve the safety of cloud application program.
The access method of cloud application program provided by the invention, when outer net client accesses different cloud application programs, by Proxy server inside safety container is parsed and is forwarded request, and outer net client can be visited by a proxy server It asks different cloud application programs, also solves application safety problem of the user in access cloud application program process, improve visit Ask the safety of the user of cloud application program.
Detailed description of the invention
It in order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, below will be to institute in embodiment Attached drawing to be used is needed to be briefly described, it should be apparent that, the accompanying drawings in the following description is only some implementations of the invention Example, for those of ordinary skill in the art, without creative efforts, can also obtain according to these attached drawings Obtain other attached drawings.
Fig. 1 is the access signaling interaction diagram of cloud application program in the prior art;
Fig. 2 is the flow chart of the dissemination method for the cloud application program that the embodiment of the present invention 1 provides;
Fig. 3 is the structural block diagram of the delivery system for the cloud application program that the embodiment of the present invention 2 provides;
Fig. 4 is a kind of flow chart of the access method for cloud application program that the embodiment of the present invention 3 provides;
Fig. 5 is a kind of signaling interaction diagram of the access method for cloud application program that the embodiment of the present invention 3 provides;
Fig. 6 is the flow chart for the verification process that the embodiment of the present invention 3 provides;
Fig. 7 is the flow chart for the short message certification that the embodiment of the present invention 3 provides;
Fig. 8 is the flow chart for the token authentication that the embodiment of the present invention 3 provides;
Fig. 9 is the flow chart for the parsing true address that the embodiment of the present invention 3 provides;
Figure 10 is the browsing process figure of the outer net client for the different type of architecture that the embodiment of the present invention 3 provides.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
The object of the present invention is to provide dissemination method, delivery system and the access methods of a kind of cloud application program, can not only The risk that cloud application program itself is attacked enough is substantially reduced, the safety of cloud application program is improved, but also can solve user Application safety problem in access cloud application program process improves the safety of the user of access cloud application program.
In order to make the foregoing objectives, features and advantages of the present invention clearer and more comprehensible, with reference to the accompanying drawing and specific real Applying mode, the present invention is described in further detail.
Embodiment 1:
Fig. 2 is the flow chart of the dissemination method for the cloud application program that the embodiment of the present invention 1 provides.As shown in Fig. 2, a kind of cloud The dissemination method of application program, the dissemination method include:
Step 101: server establishes safety container beyond the clouds, includes authentication center, agency's clothes inside the safety container Be engaged in device and user each application program, the safety container include a logic interfacing, wherein the authentication center for pair The outer net client for sending authentication request to the proxy server carries out authentication.
Step 102: title, domain name addresses and the agreement of each application program of configuration.
Step 103: being encrypted, obtained each described using domain name addresses of the encryption method to each application program The encryption domain name of application program, the outer net client pass through the corresponding application program of the encryption domain name access.The present embodiment In, it is encrypted using domain name addresses of the Hash encryption method to each application program, obtains each application program Hash encrypt domain name.
Embodiment 2:
Fig. 3 is the structural block diagram of the delivery system for the cloud application program that the embodiment of the present invention 2 provides.As shown in figure 3, a kind of The delivery system of cloud application program, the delivery system include:
Safety container establishes module 201, establishes safety container for server beyond the clouds, includes inside the safety container Authentication center, proxy server and user each application program, the safety container include a logic interfacing, wherein institute It states authentication center and sends the outer net client progress authentication of authentication request for the opposite proxy server.
Level of application configuration module 202, for configuring title, domain name addresses and the agreement of each application program.
Domain name encrypting module 203, for being encrypted using encryption method to the domain name addresses of each application program, The encryption domain name of each application program is obtained, the outer net client applies journey by the way that the encryption domain name access is corresponding Sequence.In the present embodiment, domain name encrypting module 203 is using Hash encryption method to the domain name addresses of each application program It is encrypted, the Hash for obtaining each application program encrypts domain name.
Embodiment 3:
Fig. 4 is a kind of flow chart of the access method for cloud application program that the embodiment of the present invention 3 provides.As shown in figure 4, one The access method of kind cloud application program, the access method are used to access the delivery system, and the access method includes:
Step 301: outer net client sends authentication request to proxy server by the logic interfacing of safety container.This reality It applies in example, the outer net client is B/S framework applications access client or C/S framework applications access client.
Step 302: the authentication request is sent to authentication center and carries out authentication by the proxy server.
Step 303: the proxy server is by the logic interfacing of the safety container to the outer net after authenticating successfully Client returns to authentication information.
Step 304: the proxy server obtains the outer net client by the logic interfacing of the safety container and sends out The request data package sent parses the request data package, and the asking the outer net client according to the result of parsing Data packet is asked to be sent to corresponding application program.
Fig. 5 is a kind of signaling interaction diagram of the access method for cloud application program that the embodiment of the present invention 3 provides.It is of the invention first First server establishes safety container beyond the clouds, and the cloud application program of user is deployed in inside safety container, and externally only open A port, to achieve the purpose that protect user application.As shown in figure 5, being that the present invention establishes beyond the clouds in dotted line Safety container, include the application program of B/S framework, the application program of C/S framework, first agent of user inside safety container Server Enwas, second agent's server Enssl and unified authentication center etc..After the completion of user's deployment, it is only necessary to will use All application programs at family are configured in management end, and configuration content includes title, domain name addresses, agreement of application program etc., configuration After the completion, a domain name by Hash encryption can be configured for the true access domain name of application program, for giving outer net client End access uses.Outer net client is accessed by requesting the domain name after Hash encryption, and what is in fact accessed is this hair Bright proxy server, whether its account credible, whether equipment credible is judged for the request of user by proxy server and Whether flow is credible, effectively blocks most of illegal request.It will be answered below from subscription authentication, B/S application access and C/S It is described in detail with three aspects of access.
Authentication process as shown in Figure 5, user 1 complete authentication by A1-A6 step, and A1, A2 will be used by HTTP request Name in an account book, password, which are sent to first agent's server Enwas, A3, A4 step, then to be recognized by first agent's server Enwas and unified Card center is authenticated, if authenticated successfully, is returned to user and is logined successfully information (comprising mailbox, cell-phone number etc.).Wherein, Specific verification process is as shown in Figure 6:
User's web terminal in outer net client, that is, Fig. 5 first, which sends an access to first agent's server Enwas, asks It asks, then first agent's server Enwas judges the billing information (ticket) for whether having authentication in request, if user is Interior carrying ticket is authenticated and requested, then returns to user's requested system access interface, completes the foundation of communication channel.Such as Fruit request is internal not to have authentication information (ticket), then first agent's server Enwas, which can be returned, allows user to be re-introduced into institute The information of the login interface of Request System.In next step just need to carry out user authentication, need to request application relevant certification Server sends request, such as: Oauth server.The end Web directly requests to log in Oauth, and then Oauth is returned corresponding Login page;User inputs account number cipher and is sent to Oauth and authenticates by login page, passes through rear Oauth meeting in certification A ticket is returned, and web terminal is allowed to send connection request to requested destination application.
Meanwhile the present invention supports secondary login verification, including the verifying of short-message verification, mailbox, dynamic token to verify, test at random Demonstrate,prove code verifying and the verifying of hardware characteristics code.
Wherein, the detailed process of short message certification is as shown in Figure 7:
User is requested by the end Web to casb transmission, and webpage is opened in request, and casb can respond request return webpage;Then, User requests to log in, i.e., web terminal sends to casb and requests, and casb can reply a page, and have " please input short-message verification above The request of code ", while casb can be by Short Message Service Gateway, to the sending short message by mobile phone identifying code of this user.User is receiving verifying It, can be by the certification of casb, so as to smoothly access application after code, and after correctly entering confirmation.
The detailed process of token authentication is as shown in Figure 8:
User sends ticket request to casb by the end Web and opens webpage, and casb returns to webpage;Then, user requests It logging in, i.e., web terminal sends to casb and requests, and casb can reply a page, have the request of " please input dynamic token " above, User inputs corresponding short code by token, is sent to casb, the verification library that casb can be provided by token producer, by special Proof of algorithm, identification certification and judges whether to meet.
Session_id (authentication information) is returned to user by A5, A6 again, finally returns back to client, meanwhile, for The client browser of user's access, can save Session_id (authentication information), for judging the logging state of user, thus Complete the process entirely authenticated.
Then be the communication process of user's access application after authentication process, here for the system of B/S framework and The system of C/S framework is different, separates it is introduced respectively below.Wherein the system user of B/S framework passes through B, C two Route accesses operation system 1 and operation system 2 respectively, and each operation system is different cloud application program.Pass through client Destination address link and Session_id (authentication information) are sent, wherein step B1 request content is The request content of 1.casb.enlink.cn, step C1 are 2.casb.enlink.cn, are forwarded to the first generation by B2, C2 respectively Server Enwas is managed, first agent's server Enwas parses true address according to request address, is then directed to target clothes Be engaged in device, i.e., by the request content of step B1 by the parsing to 1.casb.enlink.cn after, pass through B3 be directed toward target application clothes Business 1 is directed toward target application service 2, i.e. business system by C3 after parsing the request content 2.casb.enlink.cn of step C1 The real service address of system (cloud application program) in safety container, pass through B4-B6 and C4-C6 and returns to client's access end.Extremely This, completes the foundation of entire access communication channel.
As shown in figure 9, realizing that process is as follows according to the parsing that request address parses true address:
The hyperlink request of user is 1.casb.enlink.cn, and in system, 1.casb.enlink.cn can be used as key Value, configures corresponding value value, and it is corresponding with this key to have a value value in casb internal database, is jumping When to concrete application, key and value value is replaced from the background, to reach real application address.
User's access for C/S framework, authentication process are completed to authenticate as B/S user, through D1-D6.Access is logical The foundation in letter channel is that user passes through Agent (client service) the progress policy distribution inside client, Agent (client Service) service intercepts the data packet of corresponding process, by the parsing to data packet, plus specific packet header (contain application type, The information such as url, port), second agent server Enssl is sent the request to by E1, E2, by second agent's server Enssl parses request data package, request is then turned to real goal address server-operation system 4 by E3, i.e., True application service of the operation system in cloud container, by E4-E6 returned data, to complete entire access communication channel It establishes.
The browsing process of the outer net client of different type of architecture is as shown in Figure 10: user is asked by client transmission first It asks to proxy server, carries out user identity authentication to unified certification center from proxy server and returned if authenticated successfully Corresponding authentication information is to client, and then client then will request according to different types of application, the application access of B/S type It is sent to first agent server Enwas, first agent's server Enwas is parsed and is forwarded to real goal server. C/S user carries out policy distribution by the Agent (client service) inside client, and Agent (client service) service is blocked The data packet for cutting corresponding process, by the parsing to data packet, in addition specific packet header is (containing the letter such as application type, url, port Breath), second agent server Enssl is sent the request to, request data package is parsed by second agent's server Enssl And request is turned into real goal address server.
The dissemination method and delivery system of cloud application program provided by the invention, server establishes safety container beyond the clouds, Cloud application program is deployed in safety container, an address and port are externally only issued, by safety container by numerous applications It protects, different applications is accessed for user, parsed by the proxy server of safety container and forwarded request, this Sample greatly reduces the risk attacked using itself.Meanwhile outer net client may have access to not by a proxy server collection Same cloud application program also solves application safety problem of the user in access cloud application program process, improves access cloud The safety of the user of application program.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with other The difference of embodiment, the same or similar parts in each embodiment may refer to each other.For system disclosed in embodiment For, since it is corresponded to the methods disclosed in the examples, so being described relatively simple, related place is said referring to method part It is bright.
Used herein a specific example illustrates the principle and implementation of the invention, and above embodiments are said It is bright to be merely used to help understand method and its core concept of the invention;At the same time, for those skilled in the art, foundation Thought of the invention, there will be changes in the specific implementation manner and application range.In conclusion the content of the present specification is not It is interpreted as limitation of the present invention.

Claims (6)

1. a kind of dissemination method of cloud application program, which is characterized in that the dissemination method includes:
Server establishes safety container beyond the clouds, includes authentication center, proxy server and user inside the safety container Each application program, the safety container include a logic interfacing, wherein the authentication center is for opposite agency's clothes The outer net client for device transmission authentication request of being engaged in carries out authentication;
Configure title, domain name addresses and the agreement of each application program;
It is encrypted using domain name addresses of the encryption method to each application program, obtains adding for each application program Close domain name, the outer net client pass through the corresponding application program of the encryption domain name access.
2. dissemination method according to claim 1, which is characterized in that described to use encryption method to each described using journey The domain name addresses of sequence is encrypted, and is specifically included:
It is encrypted using domain name addresses of the Hash encryption method to each application program, obtains each application program Hash encrypt domain name.
3. a kind of delivery system of cloud application program, which is characterized in that the delivery system includes:
Safety container establishes module, establishes safety container for server beyond the clouds, includes in certification inside the safety container The heart, proxy server and each application program of user, the safety container include a logic interfacing, wherein the certification Outer net client of the center for the opposite proxy server to send authentication request carries out authentication;
Level of application configuration module, for configuring title, domain name addresses and the agreement of each application program;
Domain name encrypting module is obtained each for being encrypted using encryption method to the domain name addresses of each application program The encryption domain name of a application program, the outer net client pass through the corresponding application program of the encryption domain name access.
4. delivery system according to claim 3, which is characterized in that domain name encrypting module uses Hash encryption method The domain name addresses of each application program is encrypted, the Hash for obtaining each application program encrypts domain name.
5. a kind of access method of cloud application program, which is characterized in that the access method is for accessing according to claim 3-4 Described in any item delivery systems, the access method include:
Outer net client sends authentication request to proxy server by the logic interfacing of safety container;
The authentication request is sent to authentication center and carries out authentication by the proxy server;
The proxy server is returned to the outer net client by the logic interfacing of the safety container and is reflected after authenticating successfully Weigh information;
The proxy server obtains the request data that the outer net client is sent by the logic interfacing of the safety container Packet, parses the request data package, and is sent the request data package of the outer net client according to the result of parsing To corresponding application program.
6. access method according to claim 5, which is characterized in that the outer net client is the access of B/S framework applications Client or C/S framework applications access client.
CN201810882900.1A 2018-08-06 2018-08-06 Cloud application program publishing method, publishing system and access method Active CN109040069B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810882900.1A CN109040069B (en) 2018-08-06 2018-08-06 Cloud application program publishing method, publishing system and access method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810882900.1A CN109040069B (en) 2018-08-06 2018-08-06 Cloud application program publishing method, publishing system and access method

Publications (2)

Publication Number Publication Date
CN109040069A true CN109040069A (en) 2018-12-18
CN109040069B CN109040069B (en) 2020-09-18

Family

ID=64648572

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810882900.1A Active CN109040069B (en) 2018-08-06 2018-08-06 Cloud application program publishing method, publishing system and access method

Country Status (1)

Country Link
CN (1) CN109040069B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109600380A (en) * 2018-12-19 2019-04-09 北京创鑫旅程网络技术有限公司 Data transmission method and device
CN111049909A (en) * 2019-12-17 2020-04-21 昆山华东信息科技有限公司 Software release method
CN111416826A (en) * 2020-03-24 2020-07-14 江苏易安联网络技术有限公司 System and method for safely releasing and accessing application service
CN111444495A (en) * 2020-05-20 2020-07-24 江苏易安联网络技术有限公司 System and method for realizing single sign-on based on container
CN111611508A (en) * 2020-05-28 2020-09-01 江苏易安联网络技术有限公司 Identification method and device for actual website access of user
CN113452727A (en) * 2020-03-24 2021-09-28 北京京东尚科信息技术有限公司 Equipment cloudization service processing method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100132016A1 (en) * 2008-11-26 2010-05-27 James Michael Ferris Methods and systems for securing appliances for use in a cloud computing environment
CN101741882A (en) * 2008-11-27 2010-06-16 Tcl集团股份有限公司 CE equipment-oriented internet portal service system and method
CN106534148A (en) * 2016-11-29 2017-03-22 北京元心科技有限公司 Access control method and device for application
CN107493344A (en) * 2017-08-29 2017-12-19 郑州云海信息技术有限公司 A kind of method and system of web access Docker containers
CN107624238A (en) * 2015-05-19 2018-01-23 微软技术许可有限责任公司 To the safe access control of the application based on cloud

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100132016A1 (en) * 2008-11-26 2010-05-27 James Michael Ferris Methods and systems for securing appliances for use in a cloud computing environment
CN101741882A (en) * 2008-11-27 2010-06-16 Tcl集团股份有限公司 CE equipment-oriented internet portal service system and method
CN107624238A (en) * 2015-05-19 2018-01-23 微软技术许可有限责任公司 To the safe access control of the application based on cloud
CN106534148A (en) * 2016-11-29 2017-03-22 北京元心科技有限公司 Access control method and device for application
CN107493344A (en) * 2017-08-29 2017-12-19 郑州云海信息技术有限公司 A kind of method and system of web access Docker containers

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109600380A (en) * 2018-12-19 2019-04-09 北京创鑫旅程网络技术有限公司 Data transmission method and device
CN111049909A (en) * 2019-12-17 2020-04-21 昆山华东信息科技有限公司 Software release method
CN111049909B (en) * 2019-12-17 2024-04-02 昆山华东信息科技有限公司 Software release method
CN111416826A (en) * 2020-03-24 2020-07-14 江苏易安联网络技术有限公司 System and method for safely releasing and accessing application service
CN113452727A (en) * 2020-03-24 2021-09-28 北京京东尚科信息技术有限公司 Equipment cloudization service processing method and device
CN113452727B (en) * 2020-03-24 2024-05-24 北京京东尚科信息技术有限公司 Service processing method and device for equipment clouding and readable medium
CN111444495A (en) * 2020-05-20 2020-07-24 江苏易安联网络技术有限公司 System and method for realizing single sign-on based on container
CN111611508A (en) * 2020-05-28 2020-09-01 江苏易安联网络技术有限公司 Identification method and device for actual website access of user

Also Published As

Publication number Publication date
CN109040069B (en) 2020-09-18

Similar Documents

Publication Publication Date Title
CN108901022B (en) Micro-service unified authentication method and gateway
CN109040069A (en) A kind of dissemination method, delivery system and the access method of cloud application program
WO2016188256A1 (en) Application access authentication method, system, apparatus and terminal
Sun et al. The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems
US8683607B2 (en) Method of web service and its apparatus
CN107122674B (en) Access method of oracle database applied to operation and maintenance auditing system
US20140089661A1 (en) System and method for securing network traffic
CN112468481B (en) Single-page and multi-page web application identity integrated authentication method based on CAS
CN106209749A (en) Single-point logging method and the processing method and processing device of device, relevant device and application
CN107508837A (en) A kind of cross-platform heterogeneous system login method based on intelligent code key certification
CN103297437A (en) Safety server access method for mobile intelligent terminal
CN109861968A (en) Resource access control method, device, computer equipment and storage medium
CN107579991A (en) A kind of method that high in the clouds protection certification is carried out to client, server and client side
US10601809B2 (en) System and method for providing a certificate by way of a browser extension
CN108234509A (en) FIDO authenticators, Verification System and method based on TEE and PKI certificates
Hubbard et al. A study of SSL proxy attacks on Android and iOS mobile applications
WO2016130909A1 (en) System and methods for user authentication across multiple domains
KR20130109322A (en) Apparatus and method to enable a user authentication in a communication system
WO2016188335A1 (en) Access control method, apparatus and system for user data
CN109962892A (en) A kind of authentication method and client, server logging in application
CN109309684A (en) A kind of business access method, apparatus, terminal, server and storage medium
CN103023856A (en) Single sign-on method, single sign-on system, information processing method and information processing system
CN101986598A (en) Authentication method, server and system
CN104821951B (en) A kind of method and apparatus of secure communication
CN114826692B (en) Information login system, method, electronic device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant