CN106209746B - Security service providing method and server - Google Patents

Info

Publication number: CN106209746B
Authority: CN (China)
Prior art keywords: application, call request, user, service providing, sender
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201510229740.7A
Other languages: Chinese (zh)
Other versions: CN106209746A (en)
Inventor: 段文国
Current Assignee: Alibaba Group Holding Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Alibaba Group Holding Ltd

Application filed by Alibaba Group Holding Ltd
Priority to CN201510229740.7A
Publication of CN106209746A
Application granted
Publication of CN106209746B

Abstract

The application provides a security service providing server and method. After receiving a user's call request for any application, a basic platform verifies the call request, forwards it to the called application once verification passes, and configures resources for running the called application. Each application receives the call request forwarded by the basic platform and provides a security service to the user according to it. Because the basic platform uniformly provides request verification and resource configuration for all applications, and each application runs independently of the others, theoretically an unlimited number of applications can be built on the basic platform, which improves the extensibility of the security service providing server.

Description

Security service providing method and server
Technical Field
The present application relates to the field of electronic information, and in particular, to a security service providing server.
Background
A Security Operation Center (SOC) is a system for performing centralized management (including centralized operation state monitoring, event collection and analysis, and issuing Security policies) on Security devices.
The traditional SOC is generally built as a single, closed system comprising modules such as asset management, security log management, event management, process management and risk management. Security logs are analyzed to generate security events, and the security events are then handled to drive the resolution of security problems and so reduce security risk. The traditional SOC is therefore a complex system in which functions are coupled to and call one another at various levels, so that they affect and constrain each other. Once the functions have accumulated to a certain degree, the complexity of the system may exceed what the system itself can tolerate, which prevents new functions from being added.
As can be seen, the conventional SOC has a problem in that the expansion of the function is limited.
Disclosure of Invention
The application provides a security service providing method and a server, and aims to solve the problem that the function expansion of the traditional SOC is limited.
In order to achieve the above object, the present application provides the following technical solutions:
a secure service providing server comprising:
the system comprises a basic platform and at least one application, wherein each application in the at least one application is independent of other applications in the running process;
the basic platform is used for verifying a call request of a user for any application after receiving the call request, forwarding the call request to the called application after the call request passes the verification, and configuring resources for the operation of the application called by the call request;
each application in the at least one application is used for receiving the call request forwarded by the basic platform and providing the safe service for the user according to the call request.
Optionally, the verifying the call request by the base platform includes:
the basic platform is specifically used for verifying whether the network parameters of the sender of the call request are legal or not, verifying whether the sender of the call request is a legal user or not and verifying whether the sender of the call request has the authority to call the application or not;
the basic platform is used for forwarding the call request to the called application after the call request is verified, and the basic platform comprises:
the basic platform is specifically configured to forward the invocation request to the invoked application thereof when the network parameter of the invocation request sender is legal, the invocation request sender is a legal user, and the invocation request sender has the authority to invoke the application.
Optionally, the network parameters of the sender of the invocation request at least include one of:
the internet protocol IP of the sender of the invocation request, the uniform resource locator URL, and the parameters of the HTTP request.
Optionally, the base platform is further configured to:
under the condition that the sender of the call request is a legal user, the current access data of the sender of the call request is used for replacing the historical access data;
and if the sender does not access within a preset time range, deleting the historical access data of the sender, wherein the starting point of the preset time range is the last access moment of the sender.
Optionally, the configuring, by the base platform, resources for running of the application called by the call request includes:
the basic platform is specifically configured to start a bottom layer communication connection, a database connection pool, and a cache connection of the application called by the call request.
Optionally, the base platform is further configured to:
and receiving a modification instruction of the user to any application, and updating the application to be modified according to the modification instruction.
Optionally,
each application comprises: a portal of the application, a static file of the application, a dynamic file of the application, and a main program of the application;
the base platform is further configured to: and generating a portal of each application by using the static file and the dynamic file through a rendering technology, and displaying the portal of the application called by the calling request to the user after the calling request of the user passes verification.
Optionally, the method further comprises:
the first operation control module is used for controlling each application to operate within a range specified by a respective preset maximum operation resource, wherein the maximum operation resource at least comprises one of the following items: the number of connectable databases, the number of threads that can run, the amount of memory requests that can be occupied, and the frequency of file reads and writes.
Optionally, the method further comprises:
the second operation control module is used for controlling each application to access files or data in respective preset access authority and/or controlling each application to access the cache space in respective preset access authority.
Optionally, if several functions can be implemented by running any one application, the several functions belong to the same preset domain.
Optionally, the base platform is further configured to:
the user is presented with the application and a list of functions included in the application.
Optionally, the base platform is further configured to:
and displaying a personalized list related to the use habits of the user to the user under the condition that the user is a login user.
A secure service providing method, comprising:
after receiving a call request of a user to any one application in at least one application, a security service providing server verifies the call request;
after the call request passes the verification, forwarding the call request to the called application, and configuring resources for the operation of the application called by the call request;
and providing the safe service for the user by running the application called by the calling request.
Optionally, the verifying, by the security service providing server, the invocation request includes:
the safety service providing server verifies whether the network parameter of the sender of the calling request is legal or not, verifies whether the sender of the calling request is a legal user or not and verifies whether the sender of the calling request has the authority to call the application or not;
after the call request is verified, the secure service providing server forwards the call request to the called application, including:
and under the condition that the network parameters of the sender of the call request are legal, the sender of the call request is a legal user and the sender of the call request has the authority of calling the application, the security service providing server forwards the call request to the called application.
Optionally, the method further comprises:
the secure service providing server controls each application to operate within a range specified by a respective preset maximum operation resource, wherein the maximum operation resource at least comprises one of the following items: the number of connectable databases, the number of threads that can run, the amount of memory requests that can be occupied, and the frequency of file reads and writes.
Optionally, the method further comprises:
the security service providing server controls each application to access files or data in respective preset access authority and/or controls each application to access the cache space in respective preset access authority.
Optionally, the method further comprises:
the security service providing server presents the application and a list of functions included in the application to the user, and presents a personalized list related to a use habit of the user to the user in a case where the user is a login user.
The security service providing server comprises a basic platform and at least one application. The basic platform verifies a user's call request for any application after receiving it, forwards the call request to the called application once verification passes, and configures resources for running the called application; each application receives the call request forwarded by the basic platform and provides a security service to the user according to it. Thus, whenever any application is called, the basic platform carries out both the verification of the call request and the configuration of resources for the application, so each application only needs to attend to the security service itself. In other words, the basic platform uniformly provides request verification and resource configuration for all applications, and each application runs independently of the others, so the security service providing server has a structure that separates technology from services.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a security service providing server disclosed in an embodiment of the present application;
fig. 2 is a flowchart of basic platform function implementation in a security service providing server disclosed in an embodiment of the present application;
fig. 3 is a schematic logical structure diagram of a basic platform in a security service providing server according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of another security service providing server disclosed in the embodiment of the present application;
fig. 5 is a schematic structural diagram of an APP in a security service providing server disclosed in an embodiment of the present application;
fig. 6 is a schematic diagram of a secure operating portal disclosed in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
An embodiment of the present application discloses a security service providing server, as shown in fig. 1, including: a base platform 101 and at least one Application 102 (APP). In this example, APP-1, APP-2, ..., APP-N are used as examples.
The functions of the base platform 101 are mainly focused on providing common functions or services for each application, that is, the base platform is configured to verify a call request after receiving the call request of a user for any application, forward the call request to an application called by the base platform after the call request passes the verification, and configure resources for running of the application called by the call request.
Specifically, a specific implementation manner of the basic platform 101 for implementing the above functions is shown in fig. 2, and includes the following steps:
S201: Receiving a call request of a user for any application.
In this embodiment, the logical structure of the base platform may be as shown in fig. 3, that is: the basic platform provides a Web service capability, and a user can access the basic platform through a call request (Request) based on the HyperText Transfer Protocol (HTTP). The base platform passes the call request to the corresponding class for processing through Uniform Resource Locator (URL) mapping. In addition, all call requests are intercepted in the Request hook, where they are processed in the following steps.
S202: Verifying whether the network parameters of the sender of the call request are legal; if so, executing S203, and if not, ending the process.
In this embodiment, the network parameters may include one or more of the Internet Protocol (IP) address, the Uniform Resource Locator (URL), and the parameters of the HTTP request (for example, in http://127.0.0.1/test/abc?a=1&b=2, a and b are the parameters of the HTTP request). Specifically, whether the IP is legal may be verified against a preset white list and/or black list of IPs, and whether the URL request contains an attack may be verified from the parameters of the HTTP request. For example, if the parameters include characters such as <script>, an XSS attack may be present. (XSS stands for Cross Site Scripting: a malicious attacker inserts malicious HTML code into a Web page, and when a user browses the page, the code embedded in the page is executed to achieve the malicious user's purpose.)
S203: Verifying whether the sender of the call request is a legal user; if so, executing S204; if not, returning to a login interface and executing S203 again after the user logs in.
Specifically, a logged-in user may be determined to be a legal user, and a user who is not logged in may be regarded as an illegal user.
S204: Verifying whether the sender of the call request has the authority to call the application; if so, executing S205, and if not, reminding the user that the calling authority is not available.
S205: Forwarding the call request to the called application.
S206: Starting the bottom-layer communication connection, the database connection pool and the cache connection of the application called by the call request.
The underlying communication connection refers to the most basic socket (two programs on the network exchange data through a bidirectional communication connection, and one end of the connection is called a socket).
In addition to the above steps, optionally, in this embodiment, if S203 verifies that the sender of the call request is a legal user, then after S203 the base platform may further perform the following steps:
S207: Replacing the historical access data of the sender of the call request with the current access data of the sender of the call request.
S208: If the sender does not access within a preset time range, deleting the historical access data of the sender, wherein the starting point of the preset time range is the last access moment of the sender.
Specifically, the access data may include the user name and login time of the sender. That is, each time the user logs in, the current login time replaces the previous login time, so as to record the user's access. If the user has not accessed the system for a long time, the user needs to log in again; if the user accesses again within the preset time range, no login is required, which makes the system convenient to use.
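The S202 to S208 checks above can be sketched as a single request hook. This is an added example, not code from the patent: the class and method names, the list contents, the 1800-second time range and the rule that the first URL path segment names the APP are all assumptions, and S206 (starting connections) is not modeled.

```python
import ipaddress
import re
from dataclasses import dataclass, field
from urllib.parse import parse_qsl, urlsplit

# Constructed policy values (assumptions, not taken from the patent).
IP_WHITELIST = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("10.0.0.0/8")]
IP_BLACKLIST = [ipaddress.ip_network("10.9.9.0/24")]
SESSION_TTL = 1800  # seconds; stands for the "preset time range" of S208
SCRIPT_TAG = re.compile(r"<\s*script", re.IGNORECASE)


@dataclass
class BasicPlatform:
    permissions: dict   # user -> set of APP names the user may call
    apps: dict          # APP name -> handler(params) callable
    last_access: dict = field(default_factory=dict)  # user -> last access time

    def login(self, user, now):
        self.last_access[user] = now

    def _ip_legal(self, ip):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            return False  # malformed address: fail closed
        if any(addr in net for net in IP_BLACKLIST):
            return False  # black list takes precedence over white list
        return any(addr in net for net in IP_WHITELIST)

    def _params_legal(self, query):
        # parse_qsl percent-decodes first, so %3Cscript%3E is seen as <script>.
        # This is a coarse gate only; output encoding is still required.
        pairs = parse_qsl(query, keep_blank_values=True)
        return not any(SCRIPT_TAG.search(k) or SCRIPT_TAG.search(v) for k, v in pairs)

    def _session_valid(self, user, now):
        last = self.last_access.get(user)
        if last is None:
            return False
        if now - last > SESSION_TTL:
            del self.last_access[user]  # S208, applied lazily on the next access
            return False
        return True

    def handle(self, ip, url, user, now):
        parts = urlsplit(url)
        if not self._ip_legal(ip):                     # S202: IP lists
            return ("rejected", "ip")
        if not self._params_legal(parts.query):        # S202: HTTP parameters
            return ("rejected", "params")
        if not self._session_valid(user, now):         # S203: legal user?
            return ("login_required", None)
        self.last_access[user] = now                   # S207: replace history
        app = parts.path.strip("/").split("/")[0]      # URL mapping (assumed rule)
        if app not in self.permissions.get(user, set()):  # S204: call authority
            return ("forbidden", app)
        handler = self.apps.get(app)
        if handler is None:
            return ("not_found", app)
        return ("ok", handler(dict(parse_qsl(parts.query))))  # S205: forward


def demo():
    """Run constructed requests through the hook and return each outcome."""
    p = BasicPlatform(
        permissions={"alice": {"vuln"}},
        apps={"vuln": lambda q: ("vuln", q), "ids": lambda q: ("ids", q)},
    )
    p.login("alice", now=0)
    base = "http://127.0.0.1"
    return [
        p.handle("127.0.0.1", base + "/vuln/list?a=1&b=2", "alice", 10),
        p.handle("10.9.9.5", base + "/vuln/list?a=1", "alice", 20),
        p.handle("127.0.0.1", base + "/vuln/list?a=%3CScRiPt%3Ex", "alice", 30),
        p.handle("127.0.0.1", base + "/ids/alerts", "alice", 40),
        p.handle("127.0.0.1", base + "/vuln/list", "alice", 40 + SESSION_TTL + 1),
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

Requests rejected in S202 never reach S207, so they do not extend the sender's session.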
The above is the function of the basic platform in this embodiment, and it can be seen that, in this embodiment, the basic platform can provide uniform verification service and resource configuration for each APP, and the APP only needs to pay attention to the service itself.
In this embodiment, each APP102 is configured to: and receiving a call request forwarded by the basic platform, and providing a security service for a user according to the call request. For example, the APP may be a security breach operation platform, an intrusion detection operation platform, and the like.
In addition, each APP is independent of other applications in the running process, that is, each APP is an independent individual, there is no logical coupling relationship between the APPs, and the other APPs are not affected by the online or offline release of each APP, so that a vertical independent system is formed. The functions inside the APP can also form a system, and can be designed according to the service characteristics.
As can be seen from the above description, the security service providing server described in this embodiment is built in a "platform + APP" mode. Compared with a traditional security operation system (a system being an organic whole with specific functions, formed by combining a number of interacting and interdependent components), the architecture is fundamentally different. Because the basic platform takes on the common services of call request verification and resource configuration for every APP, and each APP runs independently, there is theoretically no upper bound on the number of APPs that can be added on the basic platform, so the extensibility of the security service providing server can be greatly improved. Moreover, because every APP is served by the basic platform, the data generated by the APPs has a natural affinity and is easy to correlate, so the development efficiency of the security service providing server can also be improved.
Another security service providing server disclosed in the embodiments of the present application adds, compared with the above embodiment, control modules for APP operation to improve the security of APP operation.
As shown in fig. 4, the security service providing server according to this embodiment includes: a base platform 101, at least one APP102, a first operational control module 103 and a second operational control module 104.
The functions of the base platform 101 and the APP are the same as those of the above embodiments, and are not described here again.
The following description focuses on the functions of the first operation control module 103 and the second operation control module 104:
The first operation control module 103 is configured to control each application to operate within a range specified by a respective preset maximum operation resource, where the maximum operation resource at least includes one of: the number of connectable databases, the number of threads that can run, the amount of memory requests that can be occupied, and the frequency of file reads and writes. For example, if the maximum number of connectable databases of an APP is 5, then while the APP is running, once the number of connected databases reaches 5, the first operation control module may keep the number of connected databases from exceeding 5 in some manner (e.g., by prohibiting the APP from connecting to further databases).
In this embodiment, the maximum operation resource may be preset by a user, or may be set by the first operation control module according to a condition of the system.
The second operation control module 104 is configured to control each application to access a file or data in a respective preset access right, and/or control each application to access a cache space in a respective preset access right.
That is to say, the second operation control module can limit each APP's access to important data and files, and can also limit each APP's access to the cache space, so as to prevent any APP from crossing its boundary and illegally accessing the sensitive data or files of other APPs. These sensitive data or files include data or files stored in the database, in files, and in the cache. Sensitive data or files can be managed through black and/or white lists, and the black and/or white lists can be updated online.
Similarly, the access right may be preset by the user, or may be set by the first operation control module according to the condition of the system.
In this embodiment, the first operation control module and the second operation control module can be regarded as an "APP sandbox". Its aim is to build a relatively independent operating environment for each APP, so that different APPs on the same platform do not interfere with each other or compete for resources, which ensures both the efficient operation and the safe operation of the APPs.
It should be noted that, in practical applications, the first operation control module and the second operation control module may be flexibly configured according to requirements, and either one or both of them may be used.
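The two control modules of the "APP sandbox" can be illustrated with a per-APP guard that enforces the database connection cap from the example above and checks file paths against black and white lists. This is an added example, not code from the patent: the class name, the glob-style list patterns and the sample paths are assumptions.

```python
import fnmatch
import posixpath
import threading
from contextlib import ExitStack, contextmanager


class QuotaExceeded(Exception):
    """Raised when an APP asks for more than its preset maximum resource."""


class AccessDenied(Exception):
    """Raised when an APP touches a path outside its preset access right."""


class AppSandbox:
    def __init__(self, app, max_db_connections, white_list, black_list=()):
        self.app = app
        self.max_db_connections = max_db_connections
        self._lock = threading.Lock()
        self._open = 0
        self._white = tuple(white_list)
        self._black = tuple(black_list)

    @property
    def open_connections(self):
        with self._lock:
            return self._open

    @contextmanager
    def db_connection(self):
        # First operation control module: refuse the connection that would
        # exceed the cap instead of letting the APP starve its neighbours.
        with self._lock:
            if self._open >= self.max_db_connections:
                raise QuotaExceeded(f"{self.app}: database connection cap reached")
            self._open += 1
        try:
            yield object()  # stand-in for a real database connection
        finally:
            with self._lock:
                self._open -= 1

    def update_lists(self, white_list, black_list=()):
        # Lists can be replaced while the APP is running ("updated online").
        with self._lock:
            self._white, self._black = tuple(white_list), tuple(black_list)

    def check_access(self, path):
        # Second operation control module. Normalize before matching so that
        # "/data/vuln/../ids/x" is judged as "/data/ids/x". A check against a
        # real filesystem must also resolve symbolic links.
        norm = posixpath.normpath(path)
        with self._lock:
            white, black = self._white, self._black
        if any(fnmatch.fnmatchcase(norm, pat) for pat in black):
            raise AccessDenied(f"{self.app}: {norm} is on the black list")
        if not any(fnmatch.fnmatchcase(norm, pat) for pat in white):
            raise AccessDenied(f"{self.app}: {norm} is not on the white list")
        return norm

    def is_allowed(self, path):
        try:
            self.check_access(path)
            return True
        except AccessDenied:
            return False


def open_until_refused(sandbox, attempts):
    """Try to hold `attempts` connections at once; return how many were granted."""
    opened = 0
    with ExitStack() as stack:
        for _ in range(attempts):
            try:
                stack.enter_context(sandbox.db_connection())
            except QuotaExceeded:
                break
            opened += 1
    return opened


if __name__ == "__main__":
    # Constructed sample: an APP named "vuln" capped at 5 database connections.
    sb = AppSandbox("vuln", 5, ["/data/vuln/*"], ["/data/vuln/keys/*"])
    print(open_until_refused(sb, 8))
    print(sb.is_allowed("/data/vuln/../ids/secrets.db"))
```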
On the basis of the above embodiments, the embodiments of the present application further disclose another security service providing server, with the emphasis on improving the user experience.
The structure of the security operation center described in this embodiment is the same as that shown in fig. 4. It differs from the above embodiments in that, in this embodiment, if running any one APP can implement several functions, those functions belong to the same preset field. That is, in this embodiment, functions in the same field are combined to form one APP.
Compared with a traditional SOC, in which similar functions are piled up in menus at every level, having one APP represent one field makes it easy for the user to quickly find the APP of interest, and the user can attend to that APP alone, which improves efficiency.
In this embodiment, as shown in fig. 5, each APP may include: the portal of the APP, the static file of the APP, the dynamic file of the APP and the main program of the APP. The portal is similar to the home page or entrance of the APP and provides function navigation as well as shortcut menus, graphs, forms and the like for important functions. The static files mainly include static pages, styles, pictures, and the like. The template file is used to provide dynamic page capabilities and dynamic display effects. The main program provides the background implementation and interface implementation of the functions contained in the APP. Of the above parts, only the APP portal is visible to the user.
In this embodiment, the basic platform may have functions of displaying the APP and modifying the APP in addition to the functions described in the above embodiments:
Specifically, the basic platform may generate a portal for each APP by using the static file and the dynamic file through a rendering technique.
Further, the basic platform may also collectively display all the APPs and the functions included in each APP to the user to form a security operation portal. As shown in fig. 6, the security operation portal contains each APP, and each APP contains various functions. In the case that the user is a login user, the basic platform may also show the login user a personalized list related to the user's usage habits. For example, as shown in fig. 6, the personalized list consists of the backlog, my concerns, the security bulletin, a shortcut area for common functions, and the like. The backlog merges the current user's operation work orders across the APPs (operation platforms), so that the user can conveniently and quickly reach each operation platform to process the work orders. My concerns merges the current user's operation data across the APPs (operation platforms), including data, charts, reports and alarms of interest. The security bulletin merges the hot-spot information of each APP (operation platform), such as vulnerability bulletins, security event bulletins and the like. The common functions area merges the current user's most frequently used function menus across the APPs (operation platforms), providing a shortcut channel and supporting customization (next version).
For the user, the items shown in fig. 6 together constitute the security operation portal of the security service providing server. The user can select an APP in the security operation portal. After the user selects (for example, clicks) an APP, the base platform receives the user's call request for the APP and verifies it; if the verification passes, the user can enter the portal of the APP and perform a corresponding operation (for example, select a function), and the main program of the APP responds to the user's operation. The base platform configures resources for the operation of the APP.
The basic platform can also receive a modification instruction of a user to any APP, and updates the application to be modified according to the modification instruction. Namely: the basic platform provides the capability of each APP for modifying the configuration of the APP on line, and realizes the real-time updating of the configuration.
The security service providing server in this embodiment can show the user APPs divided by field and can interact well with the user through the security operation portal, which makes it easier to use and improves the user experience.
The security service providing server described in the above embodiments may be deployed in a security operations center, that is: the security operations center comprises a security service providing server and a client, wherein the client sends an application call request to the security service providing server to request a security service, and the security service providing server responds to the call request according to the functions described above to provide the security service to the client.
The embodiment of the present application further discloses a security service providing method, which can be applied to the security service providing server in the above embodiment, and the method includes the following steps:
A: After receiving a call request of a user to any one application in at least one application, a security service providing server verifies the call request;
B: After the call request passes the verification, the security service providing server forwards the call request to the called application of the security service providing server and configures resources for the operation of the application called by the call request;
C: The security service providing server provides a security service for the user by running the application called by the call request.
Specifically, the specific implementation manner of the security service providing server verifying the invocation request may be: verifying whether the network parameter of the sender of the call request is legal, verifying whether the sender of the call request is a legal user and verifying whether the sender of the call request has the authority to call the application. In this case, after the call request is verified, the security service providing server may forward the call request to the called application in a specific implementation manner: and under the condition that the network parameters of the sender of the call request are legal, the sender of the call request is a legal user and the sender of the call request has the authority of calling the application, the security service providing server forwards the call request to the called application.
Optionally, this embodiment may further include the following steps:
D: The security service providing server controls each application to operate within a range specified by a respective preset maximum operation resource, wherein the maximum operation resource at least comprises one of the following items: the number of connectable databases, the number of threads that can run, the amount of memory requests that can be occupied, and the frequency of file reads and writes.
E: The security service providing server controls each application to access the file or data in the respective preset access authority and/or controls each application to access the cache space in the respective preset access authority.
F: The security service providing server shows the application and a list of functions contained in the application to the user, and shows a personalized list related to the use habit of the user to the user under the condition that the user is a login user.
The method in the embodiment can improve the expandability of the security service providing server.
The functions described in the method of the embodiment of the present application, if implemented in the form of software functional units and sold or used as independent products, may be stored in a storage medium readable by a computing device. Based on this understanding, the part of the embodiments of the present application that contributes to the prior art, or part of the technical solution, may be embodied in the form of a software product that is stored in a storage medium and includes several instructions for causing a computing device (which may be a personal computer, a server, a mobile computing device or a network device) to execute all or part of the steps of the method described in the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and various other media capable of storing program code.
The embodiments are described in a progressive manner: each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments may be cross-referenced.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (15)

1. A security service providing server, comprising:
a basic platform and at least one application, wherein each of the at least one application runs independently of the other applications, and the applications have no logical coupling with one another;
the basic platform is configured to verify a call request after receiving the call request of a user for any application, to forward the call request to the called application after the call request passes the verification, and to configure resources for the operation of the application called by the call request;
each of the at least one application is configured to receive the call request forwarded by the basic platform and to provide a security service for the user according to the call request.
2. The security service providing server of claim 1, wherein the basic platform being configured to verify the call request comprises:
the basic platform is specifically configured to verify whether the network parameters of the sender of the call request are legal, whether the sender of the call request is a legal user, and whether the sender of the call request has the authority to call the application;
the basic platform being configured to forward the call request to the called application after the call request passes the verification comprises:
the basic platform is specifically configured to forward the call request to the called application when the network parameters of the sender of the call request are legal, the sender of the call request is a legal user, and the sender of the call request has the authority to call the application.
3. The security service providing server of claim 2, wherein the basic platform is further configured to:
when the sender of the call request is a legal user, replace the historical access data of the sender with the current access data of the sender;
and, if the sender does not access within a preset time range, delete the historical access data of the sender, wherein the starting point of the preset time range is the last access moment of the sender.
4. The security service providing server according to any one of claims 1 to 3, wherein the basic platform is further configured to:
receive a modification instruction of the user for any application, and update the application to be modified according to the modification instruction.
5. The security service providing server according to any one of claims 1 to 3, wherein
each application comprises: a portal of the application, a static file of the application, a dynamic file of the application, and a main program of the application;
the basic platform is further configured to: generate the portal of each application from the static file and the dynamic file through a rendering technology, and display the portal of the application called by the call request to the user after the call request of the user passes the verification.
6. The security service providing server according to claim 1, further comprising:
a first operation control module, configured to control each application to operate within a range specified by its respective preset maximum operation resources, wherein the maximum operation resources comprise at least one of the following: the number of connectable databases, the number of threads that can run, the amount of memory that can be requested and occupied, and the frequency of file reads and writes.
7. The security service providing server according to claim 1 or 6, further comprising:
a second operation control module, configured to control each application to access files or data within its respective preset access authority and/or to control each application to access the cache space within its respective preset access authority.
8. The security service providing server according to claim 1, wherein if a plurality of functions can be implemented by running any one application, the plurality of functions belong to the same preset domain.
9. The security service providing server of claim 1 or 8, wherein the basic platform is further configured to:
present to the user the application and a list of the functions included in the application.
10. The security service providing server of claim 9, wherein the basic platform is further configured to:
display to the user a personalized list related to the usage habits of the user when the user is a logged-in user.
11. A method for providing security services, comprising:
after receiving a call request of a user for any one of at least one application, a security service providing server verifies the call request; the applications of the at least one application have no logical coupling with one another;
after the call request passes the verification, the security service providing server forwards the call request to the called application and configures resources for the operation of the application called by the call request;
and the security service providing server provides a security service for the user by running the application called by the call request.
12. The method of claim 11, wherein the verifying of the call request by the security service providing server comprises:
the security service providing server verifies whether the network parameters of the sender of the call request are legal, whether the sender of the call request is a legal user, and whether the sender of the call request has the authority to call the application;
the forwarding of the call request to the called application by the security service providing server after the call request passes the verification comprises:
when the network parameters of the sender of the call request are legal, the sender of the call request is a legal user, and the sender of the call request has the authority to call the application, the security service providing server forwards the call request to the called application.
13. The method of claim 11, further comprising:
the security service providing server controls each application to operate within a range specified by its respective preset maximum operation resources, wherein the maximum operation resources comprise at least one of the following: the number of connectable databases, the number of threads that can run, the amount of memory that can be requested and occupied, and the frequency of file reads and writes.
14. The method of claim 11 or 13, further comprising:
the security service providing server controls each application to access files or data within its respective preset access authority and/or controls each application to access the cache space within its respective preset access authority.
15. The method of claim 11, further comprising:
the security service providing server presents to the user the application and a list of the functions included in the application, and presents to the user a personalized list related to the usage habits of the user when the user is a logged-in user.
CN201510229740.7A 2015-05-07 2015-05-07 Security service providing method and server Active CN106209746B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510229740.7A CN106209746B (en) 2015-05-07 2015-05-07 Security service providing method and server

Publications (2)

Publication Number Publication Date
CN106209746A (en) 2016-12-07
CN106209746B (en) 2019-12-27

Family

ID=57459912

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510229740.7A Active CN106209746B (en) 2015-05-07 2015-05-07 Security service providing method and server

Country Status (1)

Country Link
CN (1) CN106209746B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant