CN106559399A - A kind of the Internet mobile terminal synthesis managing and control system - Google Patents
A kind of the Internet mobile terminal synthesis managing and control system Download PDFInfo
- Publication number
- CN106559399A CN106559399A CN201510641320.XA CN201510641320A CN106559399A CN 106559399 A CN106559399 A CN 106559399A CN 201510641320 A CN201510641320 A CN 201510641320A CN 106559399 A CN106559399 A CN 106559399A
- Authority
- CN
- China
- Prior art keywords
- internet
- mobile terminal
- management
- control system
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Abstract
The invention discloses a kind of the Internet mobile terminal synthesis managing and control system, it is characterised in that include:The Internet mobile terminal managing and control system, the intelligent mobile terminal to accessing the Internet carry out comprehensive management and control, and the corresponding operating in mobile terminal is locked and forbidden;Internet traffic controlling and management;Real-time tracking and monitoring are carried out to the flow of the Internet and monitored results are implemented with corresponding management;And Internet user authentication management system in army, identification is authenticated to the user terminal of the Internet in access army.By using above-mentioned total management system, have effectively achieved the security management and control to mobile terminal, it is ensured that the safety of important information.
Description
Technical field
The present invention relates to the security management and control field of the Internet mobile terminal, particularly a kind of the Internet mobile terminal
Comprehensive managing and control system.
Background technology
Existing smart mobile phone or can by other mobile terminal devices of wireless network access the Internet,
May by taking pictures, imaging or the mode such as geographical location information is uploaded, by important information in state can be obtained,
Some need the research and development area of the such as company's new product of region disclosed in restricted information, Experimental Area, or other
The field of need for confidentiality, after mobile terminal device enters the region, it is impossible to ensure important information safety.By
In the Internet mobile terminal device that there is currently no controllable management, just there is no the management movement end yet
The management system of end equipment.And need the Internet mobile device used in strict region enter information
Row management, it is easy to cause important information to reveal, affects information security.To the Internet of restricted area
Management and control has become the major issue for being badly in need of solving.
The content of the invention
In view of this, it is an object of the invention to provide one kind can be to needing management and control region implementation information safety
The Internet mobile terminal synthesis managing and control system of management and control.
Included based on the Internet mobile terminal synthesis managing and control system that the above-mentioned purpose present invention is provided:
The Internet mobile terminal managing and control system, the intelligent mobile terminal to accessing the Internet carry out comprehensive management and control,
Corresponding operating in mobile terminal is locked and forbidden;Internet traffic controlling and management;To mutual
The flow of networking carries out real-time tracking and monitoring, and monitored results are implemented with corresponding management;And the Internet
User authentication management system, the user terminal to accessing the Internet in army are authenticated identification.
In some embodiments, the Internet mobile terminal managing and control system includes following subsystem:
Attack protection and Anti-Virus, carry out monitor in real time to network-wide security situation, according to level of security threat
Early warning is carried out, and conventional security incident is tracked using DLP technologies, effectively prevent Cyberthreat;
Information filtering and auditing system, exercise supervision and manage to user's internet behavior, to user search, it is clear
The sensitive public feelings information look at, issued is monitored, and guided according to prediction scheme, early warning or implement closure,
And firewall box is combined, it is linked at the total gateway of network, by net using bypass mirror image listening mode
Network data flow is analyzed, there is provided behavior monitoring and contents supervision,
Mobile solution management system, carries out security evaluation, security hardening and carries out to the application program in terminal
Unified distribution and management, effectively block security breaches, prevent from installing the wood for producing by the download of application program
Horse virus problems.
In some embodiments, the internet traffic controlling and management includes following subsystem:
3G/4G network access control systems, make mobile terminal enough enter network management and control by VPDN technologies
Scope, ensures the safety of access network by L2TP Tunnel technology;
WLAN access control system, is encrypted using special host-host protocol, it is ensured that mobile whole
Secure wireless communication between end and WLAN access equipment.
The Internet user authentication management system includes following subsystem in some embodiments:
Information situation during mobile terminal use, behavior, data are carried out by mobile device management system
Monitoring in real time and management, so as to the safe and reliable of mobile terminal system is ensured in dynamic.
Authentication identifying system, for detect user identity it is whether legal and user's access authentication license after
License access.
The Internet mobile terminal managing and control system also includes following subsystem in some embodiments:
Terminal remote management module, the mobile terminal for docking network implement remote-control, and remote control movement is eventually
The network access at end, photographic head close the contents such as unlatching, data encrypting and deciphering, User logs in.
Wireless LAN safety management and control module, carries out remote management to WLAN, to access point apparatus,
Access terminal and access network flow carry out remote monitoring.
It can be seen that the Internet mobile terminal synthesis managing and control system that the present invention is provided, by the movement for accessing the Internet
Terminal management, internet traffic monitoring and management, user authentication manage three parts to needing in management and control region
Internet user carry out information security monitoring and management and control, be achieved in needing the Internet in management and control region
User can both access the Internet, download and installed application, not result in important information loss again.
Description of the drawings
Figure is the schematic diagram of the Internet mobile terminal synthesis management and control system structure of the present invention;
1- the Internets mobile terminal synthesis managing and control system, 11- the Internets mobile terminal managing and control system, 12- interconnections
Net traffic monitoring and management system, 13- Internet user authentication management systems, 111- attack protections and anti-virus system
System, 112- information filterings and auditing system, 113- Mobile solution managing and control systems, 114- mobile terminal remote pipes
Reason system, 115- WLAN long-distance management systems, 121-3G/4G network access control systems, 122-
Wireless local area network access control system, 131- mobile device management systems, 132- user identity management systems.
Specific embodiment
To make the object of the invention, technical scheme and advantage become more apparent, below in conjunction with specific embodiment,
And referring to the drawings, the present invention is described in more detail.
As illustrated, the Internet mobile terminal synthesis managing and control system 1 that the present invention is provided, at least including as follows
Several parts:
The Internet mobile terminal managing and control system 11, the intelligent mobile terminal to accessing the Internet carry out integrated pipe
Control, is locked and is forbidden to the corresponding operating in mobile terminal.
Internet traffic controlling and management 12, carries out real-time tracking and monitoring to the flow of the Internet,
And monitored results are implemented with corresponding management.
And Internet user authentication management system 13, the user terminal of the Internet in access army is recognized
Card identification.
Wherein, the Internet mobile terminal managing and control system 1 includes following subsystem:
Attack protection and Anti-Virus 111, carry out (Millisecond) in real time and monitor to network-wide security situation, and one
Denier finds that security incident carries out early warning (sending relevant person liable of SMS notification etc.) according to level of security threat,
And long-term follow is carried out to conventional security incident using DLP technologies, effectively prevent the network prestige such as 0day attacks
The side of body.
Information filtering and auditing system 112, by monitor bypass network egress flow, to user's internet behavior
Exercise supervision and manage, sensitive public feelings information user being searched for, browsed, is issued is monitored, and according to
Prediction scheme is guided, early warning or enforcement are blocked, and with reference to the ability of tracing to the source of secure accessing network, it is effectively right
User's internet behavior, including access the type of website, streaming medium content, puppy parc type, download file,
Many item securities such as SMTP monitoring exercise supervision and manage.
Mobile solution management system 113, carries out security evaluation, security hardening simultaneously to the application program in terminal
Carry out unifying to distribute and managing, it is ensured that the existing abundant application program of mobile terminal, meet using the Internet
Demand, and security breaches are effectively blocked, prevent the trojan horse for installing generation by the download of application program from asking
Topic.AMS can remotely push application software and carry out installation of mourning in silence to designated flat, it is also possible to long-range
Mourn in silence and delete the mounted application of designated flat.Application software in AMS is intended to carry out at reinforcing
Reason, to prevent by malicious sabotage or implanted rogue program.
Internet traffic controlling and management 12 includes following subsystem:
3G/4G network access control systems 121, make mobile terminal enough enter network pipe by VPDN technologies
Control scope, ensures the safety of access network by L2TP Tunnel technology;
WLAN access control system 122, is encrypted using special host-host protocol, it is ensured that moved
Secure wireless communication between dynamic terminal and WLAN access equipment.
Internet user authentication management system 13 includes:
Mobile device management system 131, to the information situation during mobile terminal use, behavior, data
Monitored in real time and managed, so as to the safe and reliable of mobile terminal system is ensured in dynamic.
Authentication identifying system 132, for detecting whether user identity is legal and permitted in user's access authentication
Can after license access, user by after certification, having a status firewall based on this user,
His access control policy can be set according to each user, WEB webpages and transmitting-receiving postal can only be such as accessed
Part, it is impossible to run software of P2P etc..
The Internet mobile terminal managing and control system 11 can also include:
Mobile terminal remote management system 114, the mobile terminal for docking network implement remote-control, long-range to grasp
The network access of control mobile terminal, photographic head close the contents such as unlatching, data encrypting and deciphering, User logs in.
Data erasing can be carried out to designated equipment remotely, once mobile terminal is lost, all data can be wiped immediately
WLAN long-distance management system 115, carries out remote management to WLAN, to access point (AP)
Many management elements such as equipment, access terminal and access network flow carry out remote monitoring and realize remote opening
With the operation such as close, and can effectively prevent the Means of Intrusion such as rogue AP, pseudo-base station.
Those of ordinary skill in the art should be understood:The discussion of any of the above embodiment is exemplary only,
It is not intended to imply that the scope of the present disclosure (including claim) is limited to these examples;In the think of of the present invention
Under road, can also be combined between the technical characteristic in above example or different embodiments, step can
To be realized with random order, and many other changes of the different aspect of the presence present invention as above, it is
It is simple and clear they provide without in the details.Therefore, it is all within the spirit and principles in the present invention, done
Any omission, modification, equivalent, improvement etc., should be included within the scope of the present invention.
Claims (5)
1. a kind of the Internet mobile terminal synthesis managing and control system, it is characterised in that include:
The Internet mobile terminal managing and control system, the intelligent mobile terminal to accessing the Internet carry out comprehensive management and control,
Corresponding operating in mobile terminal is locked and forbidden;
Internet traffic controlling and management;Real-time tracking and monitoring are carried out to the flow of the Internet, and it is right
Monitored results implement corresponding management;And
Internet user authentication management system, the user terminal to accessing the Internet in army are authenticated identification.
2. the Internet mobile terminal according to claim 1 synthesis managing and control system, it is characterised in that institute
Stating the Internet mobile terminal managing and control system includes following subsystem:
Attack protection and Anti-Virus, carry out monitor in real time to network-wide security situation, according to level of security threat
Early warning is carried out, and conventional security incident is tracked using DLP technologies, effectively prevent Cyberthreat;
Information filtering and auditing system, sensitive public feelings information user being searched for, browsed, is issued are monitored,
And guided according to prediction scheme, early warning or implement closure, with reference to firewall box, monitored using bypass mirror image
Mode is linked at the total gateway of network, by being analyzed to network data flow, there is provided behavior monitoring and interior
Hold monitoring;
Mobile solution management system, carries out security evaluation, security hardening and carries out to the application program in terminal
Unified distribution and management, effectively block security breaches, prevent from installing the wood for producing by the download of application program
Horse virus problems.
3. the Internet mobile terminal according to claim 1 synthesis managing and control system, it is characterised in that institute
Stating internet traffic controlling and management includes following subsystem:
3G/4G network access control systems, make mobile terminal enough enter network management and control by VPDN technologies
Scope, ensures the safety of access network by L2TP Tunnel technology;
WLAN access control system, is encrypted using special host-host protocol, it is ensured that mobile whole
Secure wireless communication between end and WLAN access equipment.
4. the Internet mobile terminal according to claim 1 synthesis managing and control system, it is characterised in that institute
Stating Internet user authentication management system includes following subsystem:
Information situation during mobile terminal use, behavior, data are carried out by mobile device management system
Monitoring in real time and management, so as to the safe and reliable of mobile terminal system is ensured in dynamic.
Authentication identifying system, for detect user identity it is whether legal and user's access authentication license after
License access.
5. the Internet mobile terminal according to claim 1 and 2 synthesis managing and control system, it is characterised in that
The Internet mobile terminal managing and control system also includes following subsystem:
Terminal remote management module, the mobile terminal for docking network implement remote-control, and remote control movement is eventually
The network access at end, photographic head close the contents such as unlatching, data encrypting and deciphering, User logs in.
Wireless LAN safety management and control module, carries out remote management to WLAN, to access point apparatus,
Access terminal and access network flow carry out remote monitoring.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510641320.XA CN106559399A (en) | 2015-09-30 | 2015-09-30 | A kind of the Internet mobile terminal synthesis managing and control system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510641320.XA CN106559399A (en) | 2015-09-30 | 2015-09-30 | A kind of the Internet mobile terminal synthesis managing and control system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106559399A true CN106559399A (en) | 2017-04-05 |
Family
ID=58417533
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510641320.XA Pending CN106559399A (en) | 2015-09-30 | 2015-09-30 | A kind of the Internet mobile terminal synthesis managing and control system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106559399A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107171855A (en) * | 2017-06-19 | 2017-09-15 | 淄博掌游网络科技有限公司 | A kind of information security managing and control system and information security management and control method |
CN107301334A (en) * | 2017-06-28 | 2017-10-27 | 广东欧珀移动通信有限公司 | Pay class application program and download means of defence, device and mobile terminal |
CN107634884A (en) * | 2017-08-28 | 2018-01-26 | 深信服科技股份有限公司 | Cloud network log-in management system and method based on Virtual Private Dialup Network |
CN107889108A (en) * | 2016-09-29 | 2018-04-06 | 北京军地联合网络技术中心 | A kind of Distributed Area internet security guard system |
CN109614181A (en) * | 2018-11-15 | 2019-04-12 | 中国科学院计算机网络信息中心 | Security postures methods of exhibiting, device and the storage medium of mobile terminal |
CN109739203A (en) * | 2019-02-25 | 2019-05-10 | 南京世界村云数据产业集团有限公司 | A kind of industrial network Border Protection system |
CN110351229A (en) * | 2018-04-04 | 2019-10-18 | 电信科学技术研究院有限公司 | A kind of terminal UE management-control method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101789948A (en) * | 2010-02-21 | 2010-07-28 | 浪潮通信信息***有限公司 | Hierarchical type mobile internet security monitoring and protecting system |
CN103442354A (en) * | 2013-09-04 | 2013-12-11 | 上海辰锐信息科技公司 | Mobile-police-terminal safety management and control system |
CN104641377A (en) * | 2012-10-19 | 2015-05-20 | 迈克菲股份有限公司 | Data loss prevention for mobile computing devices |
CN104702603A (en) * | 2015-03-04 | 2015-06-10 | 南京邮电大学 | Multi-view-angle security auditing system for mobile internet |
CN104715168A (en) * | 2015-02-13 | 2015-06-17 | 陈佳阳 | File security control and trace method and system based on digital fingerprints |
-
2015
- 2015-09-30 CN CN201510641320.XA patent/CN106559399A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101789948A (en) * | 2010-02-21 | 2010-07-28 | 浪潮通信信息***有限公司 | Hierarchical type mobile internet security monitoring and protecting system |
CN104641377A (en) * | 2012-10-19 | 2015-05-20 | 迈克菲股份有限公司 | Data loss prevention for mobile computing devices |
CN103442354A (en) * | 2013-09-04 | 2013-12-11 | 上海辰锐信息科技公司 | Mobile-police-terminal safety management and control system |
CN104715168A (en) * | 2015-02-13 | 2015-06-17 | 陈佳阳 | File security control and trace method and system based on digital fingerprints |
CN104702603A (en) * | 2015-03-04 | 2015-06-10 | 南京邮电大学 | Multi-view-angle security auditing system for mobile internet |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107889108A (en) * | 2016-09-29 | 2018-04-06 | 北京军地联合网络技术中心 | A kind of Distributed Area internet security guard system |
CN107171855A (en) * | 2017-06-19 | 2017-09-15 | 淄博掌游网络科技有限公司 | A kind of information security managing and control system and information security management and control method |
CN107301334A (en) * | 2017-06-28 | 2017-10-27 | 广东欧珀移动通信有限公司 | Pay class application program and download means of defence, device and mobile terminal |
CN107634884A (en) * | 2017-08-28 | 2018-01-26 | 深信服科技股份有限公司 | Cloud network log-in management system and method based on Virtual Private Dialup Network |
CN107634884B (en) * | 2017-08-28 | 2020-12-04 | 深信服科技股份有限公司 | Cloud networking behavior management system and method based on virtual private dial-up network |
CN110351229A (en) * | 2018-04-04 | 2019-10-18 | 电信科学技术研究院有限公司 | A kind of terminal UE management-control method and device |
CN110351229B (en) * | 2018-04-04 | 2020-12-08 | 电信科学技术研究院有限公司 | Terminal UE (user equipment) management and control method and device |
US11206541B2 (en) | 2018-04-04 | 2021-12-21 | Datang Mobile Communications Equipment Co., Ltd. | Method and device for managing and controlling terminal UE |
CN109614181A (en) * | 2018-11-15 | 2019-04-12 | 中国科学院计算机网络信息中心 | Security postures methods of exhibiting, device and the storage medium of mobile terminal |
CN109739203A (en) * | 2019-02-25 | 2019-05-10 | 南京世界村云数据产业集团有限公司 | A kind of industrial network Border Protection system |
CN109739203B (en) * | 2019-02-25 | 2021-09-21 | 南京世界村云数据产业集团有限公司 | Industrial network boundary protection system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Petrenko et al. | Protection model of PCS of subway from attacks type «wanna cry»,«petya» and «bad rabbit» IoT | |
CN106559399A (en) | A kind of the Internet mobile terminal synthesis managing and control system | |
CN109729180A (en) | Entirety is intelligence community platform | |
US11155239B2 (en) | Method and system for managing access of vehicle compartment | |
CN106911529A (en) | Power network industry control safety detecting system based on protocol analysis | |
CN100486180C (en) | Local network safety management method based on IEEE 802.1X protocol | |
US20200053567A1 (en) | Security architecture for machine type communications | |
CN104244249A (en) | Techniques for providing security protection in wireless network by switching modes | |
CN107276983A (en) | A kind of the traffic security control method and system synchronous with cloud based on DPI | |
KR20130050865A (en) | Caused by the use of smart device internal confidential data leakage prevention & trace system and method | |
CN109995769A (en) | A kind of trans-regional full actual time safety management-control method of multi-tier Heterogeneous | |
CN115150208B (en) | Zero-trust-based Internet of things terminal secure access method and system | |
CN113382076A (en) | Internet of things terminal security threat analysis method and protection method | |
CN109165508A (en) | A kind of external device access safety control system and its control method | |
CN113794714A (en) | Network safety system for intelligent power plant architecture | |
CN115314286A (en) | Safety guarantee system | |
Rekik et al. | A cyber-physical threat analysis for microgrids | |
Miloslavskaya et al. | Ensuring information security for internet of things | |
KR101237376B1 (en) | Integrated security control System and Method for Smartphones | |
CN112839031A (en) | Industrial control network security protection system and method | |
CN102970188B (en) | A kind of 110kV digital transformer substation secure network | |
Monshizadeh et al. | IoT Security | |
KR20200054495A (en) | Method for security operation service and apparatus therefor | |
Das et al. | Smart City Vulnerabilities: An Overview | |
CN110990900B (en) | Computer network intelligent monitoring system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170405 |