CN106789952A - A kind of LAN services interconnect the method and system of networking - Google Patents
A kind of LAN services interconnect the method and system of networking Download PDFInfo
- Publication number
- CN106789952A CN106789952A CN201611084767.2A CN201611084767A CN106789952A CN 106789952 A CN106789952 A CN 106789952A CN 201611084767 A CN201611084767 A CN 201611084767A CN 106789952 A CN106789952 A CN 106789952A
- Authority
- CN
- China
- Prior art keywords
- service
- enterprise
- gateway
- client
- connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses the method and system that a kind of LAN services interconnect networking, including, enterprise client keeps real-time network to be connected with public service gateway;Public service gateway uniform service is asked;Safety certification and service routing based on Customer ID;Data transparent transmission is realized based on custom protocol;Pack and reduction original service agreement is to be multiplexed existing system service;Such that it is able on the premise of internal applications service is not changed, realize that the internal services to running on LAN under internet environment carry out the access of safe and convenient.
Description
Technical field
The present invention relates to LAN Monitoring System networking technical field, in particular it relates to a kind of LAN services interconnect networking
Method and system.
Background technology
It is related to the private data of enterprise operation, is generally held on enterprises server, the application service of corresponding service
Also can only be accessed in LAN.With enterprise development and the change of marketing model, business event operation, association are carried out whenever and wherever possible
With necessary demands as IT application in enterprises such as offices.Traditional LAN internal services pattern cannot meet IT application in enterprises
Mobile interchange requirement.
Usual enterprise can take in the following manner to transform internal services, realize the information service of interconnection networking:
Move to the Saas service products based on internet;
Adjustment IT architecture, it is by renting the modes such as main frame, network mapping, enterprises service is open to internet environment.
With reference to the concrete condition of enterprise, deficiency is had with upper type, specifically included:
Cost:Saas products, or the IT architecture for adjusting either are moved to, all can accordingly increase the operation cost of enterprise, wrapped
Include software and hardware buying, manpower, time etc.;
Security:Under LAN environment, isolating for inside data of enterprise and external web environment can be very easily realized.But
Internet environment is disclosed using Saas products or internal services, can mean that business data has the safety of leakage and asks
Topic.
For software vendor, on the one hand need to consider Saas product of the exploitation based on internet and guide existing user to move
Move, on the other hand also to consider that those are based on the user that cost or security are not intended to migration, if product interconnection networking according to
Rely and adjusted in user's IT architecture, while burden for users is increased, can also greatly increase the maintenance and support cost of software vendor.
A kind of access methods of LAN services of CN201410779493.3, method described herein by comparison, mainly
Difference is embodied in:
1st, the micro services integrated access in Mobile solution scene is described for patent emphasis, it is right under mobile platform to solve
The access of the micro services system in intranet is run on, the logical sums such as registration, examination & verification, the deletion of micro services have been stressed
Scheme, these contents bias toward the Integrated Solution of business service system.Provided herein is invention in, stressed access local
The technical scheme of service is netted, the technical scheme emphasis solves the key problem for accessing LAN services:External web environment pair
The access path and security of built-in system.For operation system is integrated, can be realized to comprising micro- based on the technical scheme
Service the access in interior business service system.
2nd, method described herein, there is provided the key technology details not described in detail in for patent below:
Connection performance between external network and internal network;
Data transmission channel and agreement.
The content of the invention
It is an object of the present invention to regarding to the issue above, propose that a kind of LAN services interconnect the method and system of networking,
To realize not changing on the premise of internal applications service, realize under internet environment to running on the internal services of LAN
Carry out the advantage of the access of safe and convenient.
To achieve the above object, the technical solution adopted by the present invention is:A kind of method of LAN services interconnection networking and
System, mainly includes:
Step 1:Terminal applies system initiates service request to public service gateway;
Step 2:After public service gateway receives service request, for the request generates unique queued session ID;
Step 3:Public service gateway extracts the enterprise ID and key in service request, and request is authenticated, and certification does not pass through
When, forbid this to ask;
Step 4:For request through safety certification, according to the connection of enterprise's ID locating business, selection can for public service gateway
Sent to enterprise client with connection and asked;
Step 5:After enterprise client receives service request, original service agreement is reduced, internal service system is distributed to, by interior
Portion's service system carries out Business Processing and response;
Step 6:Business service response is encapsulated as gateway service protocol data message by enterprise client, carries queued session ID hairs
It is sent to public service gateway;
Step 7:After public service gateway receives the response data of enterprise client, according to queued session ID, request response is returned
Return to the terminal applies system for initiating service request.
Further, in step 4 or in step 6, when public service gateway carries out data transmission with enterprise client, specifically
To realize being carried out between public service gateway and enterprise client the data transfer of safety transparent, tool using custom protocol
Body includes, realizes that the transparent transmission of data, i.e. public service gateway and enterprise client, in transmission services data, are not concerned with industry
Business data content, all of data are not parsed or reservation record in systems;
The encryption of data is realized, is specially carried out data transmission using encrypted tunnel, enabling standard security protocols such as SSL in base
On plinth, data are encrypted using the unique private cipher key of enterprise, it is ensured that Information Security;
Realize the compression and subpackage of data, specially compressed automatically and subpackage for big data, in public service gateway and
It is compressed respectively/decompresses and subpackage/merging when is transmitted between enterprise client;
Realize concurrently connecting asynchronous transmission more, specifically, when by connection transmission data in real time, the big data by subpackage exists
It is multiple concurrently connect in asynchronous transmission, and by task scheduling unit dynamic control concurrent connection number as needed, to improve data
Efficiency of transmission.
Further, in step 1, the concrete composition part of the service request includes,
Enterprise identifies, and each is connected to the enterprise of public service gateway, and system is one fixed enterprise ID of its distribution, used as enterprise
Industry client, terminal applies are connected to enterprise's mark of gateway, road of the mark as different enterprises in the entire system
By and identity identifier;
Secure authenticated information, each enterprise includes one group of key associated with its enterprise ID, and enterprise client and enterprise terminal should
During used in access system, it is desirable to provide specific key carries out safety certification, connection only through safety certification and request are
Enterprises service gateway can be passed through;
Service agreement, in the existing application of enterprise, may include multiple different operation systems, and in these operation systems, terminal should
With can be communicated with service with using different agreements.Between public service gateway and enterprise client, system is using system
One self-defining communication protocol, original service agreement will be encapsulated in the data message of custom protocol, by corporate client
End upon receipt of a service request, reduces original agreement, it is ensured that business service can be processed by existing protocol and asked, and realizes that business takes
Business multiplexing;
Service request parameter:The service parameter of service request, content of parameter recognizes and processed by specific business service, public service
Gateway and enterprise client are only transmitted to data.
Further, a kind of system of LAN Monitoring System networking, including terminal applies system, public service gateway, enterprise
Client and enterprises service system, the enterprises service system include enterprises server, the public service
Gateway is connected with terminal applies system and enterprise client respectively, and the enterprises server provides clothes to enterprise client
Business, enterprises service system accesses public service gateway, enterprise customer's using terminal application, by public affairs by enterprise client
The access of gateway and route service, access enterprises system altogether, specifically,
The enterprises server only provides service, enterprise client sheet to the enterprise client for being connected to public service gateway
Body does not provide Connection Service externally, but is connected to public service gateway as client and provides Connection Service,
The connection of the public service gateway and enterprise client specifically,
Realize that connection in real time, i.e. connection possess disconnection reconnecting mechanism, can automatically be reconnected after network environment change, it is ensured that
Service availability;
Realize that dynamic expansion, i.e. Connection Service can adjust single client and Common Gateway server according to data transmission scenarios
Between connection number, connection number being increased when big data is transmitted to improve performance, or reduces connection at one's leisure can use money to discharge
Source;
Possess connection identifier, i.e. each connection has unique mark, and corresponding enterprise mark, so as in service request and
In response process, by the correct connection route of Systematic selection to different enterprises services.
Further, the public service gateway also to the connection of enterprise client and terminal applies system recognize safely
Card, the enterprise of each access system has specific enterprise ID and matching key, enterprise and terminal applies connection system
During system, it is desirable to provide enterprise ID and key, the Security Authentication Service shut by queueing network verifies to relevant information, not
To forbid connecting and accessing enterprises service when through safety certification.
Further, the public service gateway, is by running on the one of internet environment group of server, and server
The total system that the gateway service of upper operation is constituted, the terminal user towards corporate client provides public service, specifically includes
There is fixed internet access address and corresponding serve port;Support the access of enterprise client;Support terminal applies system
System is accessed in internet environment;Data transmission channel is provided, supports terminal applies access request to be routed in correspondence enterprise
Portion's service system, and the response data that enterprises are serviced is returned to terminal applies;And terminal applies access is pacified
Full certification and filtering.
Further, the enterprise client runs on intranet environment, for setting up net with public service gateway
Network is connected and transmission channel, by corporate client installation and deployment on enterprises server, specifically includes addressable internet
Environment module and addressable enterprises service module.
A kind of LAN services of various embodiments of the present invention interconnect the method and system of networking, including, enterprise client with
Public service gateway keeps real-time network connection;Public service gateway uniform service is asked;Safety certification based on Customer ID and
Service routing;Data transparent transmission is realized based on custom protocol;Pack and reduction original service agreement is to be multiplexed existing system
Service;Such that it is able on the premise of internal applications service is not changed, realize under internet environment to running on LAN
Internal services carry out the access of safe and convenient.
Other features and advantages of the present invention will be illustrated in the following description, also, the partly change from specification
Obtain it is clear that or being understood by implementing the present invention.
Below by drawings and Examples, technical scheme is described in further detail.
Brief description of the drawings
Accompanying drawing is used for providing a further understanding of the present invention, and constitutes a part for specification, with reality of the invention
Applying example is used to explain the present invention together, is not construed as limiting the invention.In the accompanying drawings:
Fig. 1 is the structure composition figure of the LAN services interconnection networking system described in the embodiment of the present invention;
Fig. 2 is the part-structure composition figure of the LAN services interconnection networking system described in the embodiment of the present invention;
Service models of the Fig. 3 for prior art enterprise when needing Internet environment to provide internal services;
Fig. 4 is the flow chart of the method for the LAN services interconnection networking described in the embodiment of the present invention;
Fig. 5 is the operation principle flow chart of the LAN services interconnection networking original business service described in the embodiment of the present invention.
Specific embodiment
The preferred embodiments of the present invention are illustrated below in conjunction with accompanying drawing, it will be appreciated that preferred reality described herein
Apply example to be merely to illustrate and explain the present invention, be not intended to limit the present invention.
Specifically, it is a kind of to realize the method that enterprises lan service interconnects networking, internal applications clothes can not changed
On the premise of business, realize that the internal services to running on LAN under internet environment carry out the access of safe and convenient.
It is of the invention from software vendor's angle based on background technology analysis, there is provided a kind of intranet application service interconnection
The method of networking, realizes the mobile interchange demand of existing procucts:
1st, unified interconnection networking service and deployment scheme is provided the user;
2nd, existing product and enterprise IT architecture are multiplexed, user cost is reduced;
Ensure the convenient access and safety of enterprises service and data in internet environment.
As depicted in figs. 1 and 2, unified public service gateway is provided by for enterprise customer, focuses on internet ring
To the access of enterprises service in border.
The system realized based on the present invention includes following two cores:
1st, public service gateway
2nd, enterprise client
In the scheme of present invention description, enterprises service system accesses public service gateway, enterprise by enterprise client
User's using terminal application, access and route service by public service gateway access enterprises system.
Public service gateway
Public service gateway is by running on the gateway service structure run on the one of internet environment group of server, and server
Into total system, by software vendor provide deployment and safeguard, towards corporate client terminal user provide public service.Specifically
Ground, public service gateway possesses following key element:
1st, fixed internet access address, such as domain name or fixed IP, and corresponding serve port;
2nd, support that enterprise client is accessed;
3rd, support that terminal applies are accessed in internet environment;
The 4th, data transmission channel is provided, supports terminal applies access request to be routed to the internal service system of correspondence enterprise, and
The response data that enterprises are serviced is returned to terminal applies;
Terminal applies are accessed carries out safety certification and filtering.
Enterprise client
Enterprise client runs on intranet environment, for setting up network connection and transmission channel with public service gateway.
Enterprise client provides installation procedure and technical support by software vendor, by corporate client installation and deployment in enterprises server
On.Specifically, enterprise client possesses following key element:
May have access to internet environment;
May have access to enterprises service system.
With reference to Fig. 3, relative to the method that the present invention is provided, Client Enterprise is needing the internal clothes of Internet environment offer
During business, generally transformed in IT skeleton layers, internal services are disclosed external environment condition, its service model is:
In such model, the privately owned gateway of enterprise generally needs to have fixed ip address, and needs to open feature service end
Mouthful.This means that the security risk of extra cost and Geng Gao.And, the deployment and configuration of IT links need the IT people of specialty
Member is manually operated, and many less enterprises of scale often do not possess such condition.
In the method that the present invention is provided, public service gateway is solved because of the cost and safety wind that the adjustment of IT frameworks brings
Dangerous problem, enterprise is based on existing IT architecture and product allocation environment, and the interconnection of internal services can be supported without extra adjustment
Net is accessed.Its service model is as shown in Figure 1
Specific difference is embodied in:
Unified public service gateway is provided by software vendor, Internet user provides service;
On enterprises server, increase the enterprise client of Common Gateway, the client is run, do not changed in a software form
Dynamic or dependence enterprise IT architecture;
Enterprise client is run in intranet, it is only necessary to the unidirectional access to internet environment, it is not necessary to fixed IP
Or serve port;
Safety guarantee in internet environment is provided by software vendor's unification.
The present invention realizes such scheme using following ins and outs:
1st, enterprise client and public service gateway keep real-time network connection;
2nd, public service gateway uniform service request;
3rd, safety certification and service routing based on Customer ID;
4th, data transparent transmission is realized based on custom protocol;
Pack and reduction original service agreement is to be multiplexed existing system service.
Real-time network is connected
In other technologies implementation, enterprise servers are as service provider, it is necessary to Internet environment provides connection
Service, sets up so as to terminal applies and connects.In the scheme of present invention description, enterprise servers are only needed to public service gateway
Enterprise client provide service, enterprise client does not provide Connection Service externally in itself, but is connected to public affairs as client
The Connection Service that gateway is provided altogether.Connection between public service gateway and enterprise client has following characteristic:
Connection in real time:Connection possesses disconnection reconnecting mechanism, can automatically be reconnected after network environment change, it is ensured that service can
The property used;
Dynamic expansion:Connection Service can adjust the company between single client and Common Gateway server according to data transmission scenarios
Number is connect, connection number is increased when big data is transmitted to improve performance, or reduce connection at one's leisure to discharge available resources.
Connection identifier:Each connection has unique mark, and corresponding enterprise mark, so as in service request and sound
During answering, by the correct connection route of Systematic selection to different enterprises services.
Service request
The unification of public service gateway receives the service request sent by terminal applies, and service request is made up of following part:
Enterprise identifies:Each is connected to the enterprise of public service gateway, and system is one fixed enterprise ID of its distribution, used as enterprise
Industry client, terminal applies are connected to enterprise's mark of gateway, road of the mark as different enterprises in the entire system
By and identity identifier;
Secure authenticated information:Each enterprise includes one group of key associated with its enterprise ID, and enterprise client and enterprise terminal should
During used in access system, it is desirable to provide specific key carries out safety certification, connection only through safety certification and request are
Enterprises service gateway can be passed through;
Service agreement:In the existing application of enterprise, multiple different operation systems may be included, in these operation systems, terminal should
With can be communicated with service with using different agreements.Between public service gateway and enterprise client, system is using system
One self-defining communication protocol, original service agreement will be encapsulated in the data message of custom protocol, by corporate client
End upon receipt of a service request, reduces original agreement, it is ensured that business service can be processed by existing protocol and asked, and realizes that business takes
Business multiplexing;
Service request parameter:The service parameter of service request, content of parameter recognizes and processed by specific business service, public service
Gateway and enterprise client are only transmitted to data.
Safety certification
Connection of the public service gateway to enterprise client and terminal applies carries out safety certification.The enterprise of each access system
With specific enterprise ID and matching key, when enterprise and terminal applies connection system, it is desirable to provide enterprise ID and close
Key, the Security Authentication Service shut by queueing network is verified to relevant information, will forbid connecting when not through safety certification
Connect and access enterprises service.
Service routing
As shown in figure 4, in the method that the present invention is provided, different enterprises and enterprise customer are all connected to unified public service
Gateway.System uses service ID and secure authenticated information, it is ensured that the enterprises service that service request is routed to matching is processed
And response.Idiographic flow is:
1st, after public service gateway receives service request, for the request generates unique queued session ID;
2nd, public service gateway extracts the enterprise ID and key in service request, and request is authenticated, and when certification does not pass through, prohibits
Only this request;
3rd, for request through safety certification, according to the connection of enterprise's ID locating business, selection can the company of using for public service gateway
Connect to be sent to enterprise client and ask;
4th, after enterprise client receives service request, original service agreement is reduced, is distributed to internal service system, taken by inside
Business system carries out Business Processing and response;
5th, business service response is encapsulated as gateway service protocol data message by enterprise client, is carried queued session ID and is sent to
Public service gateway;
6th, after public service gateway receives the response data of enterprise client, according to queued session ID, request response is returned to
Initiate the terminal applies of service request.
Data transfer
The present invention realizes being carried out between public service gateway and enterprise client the data of safety transparent using custom protocol
Transmission.Specifically:
1st, data transparent transmission:Public service gateway and enterprise client are not concerned with business datum in transmission services data
Hold, all of data are not parsed or reservation record in systems;
2nd, encrypt:Carried out data transmission using encrypted tunnel, enabling standard security protocols such as SSL on the basis of, data are used
The unique private cipher key of enterprise is encrypted, it is ensured that Information Security;
3rd, compression and subpackage:Compressed automatically and subpackage for big data, between public service gateway and enterprise client
It is compressed respectively during transmission/is decompressed and subpackage/merging;
Concurrently connect asynchronous transmission more:When by connection transmission data in real time, the big data by subpackage concurrently connects in multiple
Connect middle asynchronous transmission, and by task scheduling unit dynamic control concurrent connection number as needed, to improve data transmission efficiency.
Original service agreement
In the method that the present invention is provided, existing business service need not transform enter in internet environment via public service gateway
Row is accessed.The request protocol of former business service, is packaged transmission between public service gateway and enterprise client, is calling industry
Original service agreement is reduced to before business service, business service is processed from internet environment by not needing any change
Service request.
The method that the present invention is provided, relative to prior art, obtains on enterprises service mobile interchange is solved the problems, such as
Beneficial effect major embodiment in:
Corporate client is used for the cost reduction of system Construction.In the prior art, enterprise's needs carry out more in IT architecture aspect
Input, such as fixed IP, daily IT configurations and maintenance.Public service gateway Unified in the method provided by the present invention has been determined all
The IT link problems of enterprise customer, unified access entrance and the service of internet environment are provided by software vendor, and enterprise can be not required to
Possess independent fixed IP or carry out IT framework adjustment, it is only necessary to can access disposed on the internal server of internet it is public
The enterprise client of gateway;
Service stability obtains effective guarantee.The linking Internet of enterprise is generally limited by telecom operators, such as region
Or the bandwidth that causes of operator's difference or problem rate, and operator is because security consideration is to the opening end of access server
Mouth limitation etc..Realization net access internal services are interconnected by adjusting enterprise IT architecture, often because these limitations cause to service
Less stable.In the present invention, the service of linking Internet aspect provides unified specialized deployment and dimension by software vendor
Shield, can effectively ensure that the stability of service access.
The security of business data is greatly promoted.In prior art, enterprises are serviced by IT architecture scheme
Device is mapped as public server, it is meant that enterprise servers are fully exposed to internet environment as public service, enterprises
Data are faced with larger security risk.The present invention description scheme in, enterprises server need not to outside mapping or
It is open, it is only necessary to client to be installed and is connected to public service gateway, be the public server role transforming in former technical scheme
Privately owned client role, shields possibility of the external environment condition to inside data of enterprise unauthorized access.And software vendor carries
The public service gateway of confession, it is possible to provide the safety prevention measure of specialty, it is ensured that the secure access to inside data of enterprise.
Existing product and service can at utmost be multiplexed.In the method that the present invention is provided, for existing product and service,
Remain original service agreement so that existing service and application need not all change or can adaptation internet ring under few change
Border access, this for software vendor and enterprise customer, exploitation safeguard and practice link, all can reduces cost, carry
High efficiency.Finally it should be noted that:The preferred embodiments of the present invention are the foregoing is only, are not intended to limit the invention,
Although being described in detail to the present invention with reference to the foregoing embodiments, for a person skilled in the art, it still may be used
Modified with to the technical scheme described in foregoing embodiments, or equivalent is carried out to which part technical characteristic.
All any modification, equivalent substitution and improvements within the spirit and principles in the present invention, made etc., should be included in of the invention
Within protection domain.
Claims (7)
1. a kind of method that LAN services interconnect networking, it is characterised in that comprise the following steps:
Step 1:Terminal applies system initiates service request to public service gateway;
Step 2:After public service gateway receives service request, for the request generates unique queued session ID;
Step 3:Public service gateway extracts the enterprise ID and key in service request, and request is authenticated, and certification does not pass through
When, forbid this to ask;
Step 4:For request through safety certification, according to the connection of enterprise's ID locating business, selection can for public service gateway
Sent to enterprise client with connection and asked;
Step 5:After enterprise client receives service request, original service agreement is reduced, internal service system is distributed to, by interior
Portion's service system carries out Business Processing and response;
Step 6:Business service response is encapsulated as gateway service protocol data message by enterprise client, carries queued session ID hairs
It is sent to public service gateway;
Step 7:After public service gateway receives the response data of enterprise client, according to queued session ID, request response is returned
Return to the terminal applies system for initiating service request.
2. the method that LAN services according to claim 1 interconnect networking, it is characterised in that in step 4 or step 6
In, when public service gateway carries out data transmission with enterprise client, specifically, being realized in public service using custom protocol
The data transfer of safety transparent is carried out between gateway and enterprise client, is specifically included, realize the transparent transmission of data, i.e., it is public
Gateway and enterprise client are not concerned with business datum content in transmission services data, and all of data are in systems not
Parsed or reservation record;
The encryption of data is realized, is specially carried out data transmission using encrypted tunnel, enabling standard security protocols such as SSL in base
On plinth, data are encrypted using the unique private cipher key of enterprise, it is ensured that Information Security;
Realize the compression and subpackage of data, specially compressed automatically and subpackage for big data, in public service gateway and
It is compressed respectively/decompresses and subpackage/merging when is transmitted between enterprise client;
Realize concurrently connecting asynchronous transmission more, specifically, when by connection transmission data in real time, the big data by subpackage exists
It is multiple concurrently connect in asynchronous transmission, and by task scheduling unit dynamic control concurrent connection number as needed, to improve data
Efficiency of transmission.
3. the method that LAN services according to claim 2 interconnect networking, it is characterised in that in step 1, the service
The concrete composition part of request includes,
Enterprise identifies, and each is connected to the enterprise of public service gateway, and system is one fixed enterprise ID of its distribution, used as enterprise
Industry client, terminal applies are connected to enterprise's mark of gateway, road of the mark as different enterprises in the entire system
By and identity identifier;
Secure authenticated information, each enterprise includes one group of key associated with its enterprise ID, and enterprise client and enterprise terminal should
During used in access system, it is desirable to provide specific key carries out safety certification, connection only through safety certification and request are
Enterprises service gateway can be passed through;
Service agreement, in the existing application of enterprise, may include multiple different operation systems, and in these operation systems, terminal should
With can be communicated with service with using different agreements;
Between public service gateway and enterprise client, system uses unified self-defining communication protocol, original service association
View will be encapsulated in the data message of custom protocol, reduces original association by enterprise client upon receipt of a service request
View, it is ensured that business service can be processed by existing protocol and asked, realizes that business service is multiplexed;
Service request parameter:The service parameter of service request, content of parameter recognizes and processed by specific business service, public service
Gateway and enterprise client are only transmitted to data.
4. the system that the LAN services of the method based on the LAN services interconnection networking described in claim 3 interconnect networking,
It is characterised in that it includes terminal applies system, public service gateway, enterprise client and enterprises service system, the enterprise
Industry internal service system include enterprises server, the public service gateway respectively with terminal applies system and corporate client
End connection, the enterprises server provides service to enterprise client, and enterprises service system passes through enterprise client
Access public service gateway, enterprise customer's using terminal application, access and route service by public service gateway, access enterprise
Industry built-in system, specifically,
The enterprises server only provides service, enterprise client sheet to the enterprise client for being connected to public service gateway
Body does not provide Connection Service externally, but is connected to public service gateway as client and provides Connection Service,
The connection of the public service gateway and enterprise client specifically,
Realize that connection in real time, i.e. connection possess disconnection reconnecting mechanism, can automatically be reconnected after network environment change, it is ensured that
Service availability;
Realize that dynamic expansion, i.e. Connection Service can adjust single client and Common Gateway server according to data transmission scenarios
Between connection number, connection number being increased when big data is transmitted to improve performance, or reduces connection at one's leisure can use money to discharge
Source;
Possess connection identifier, i.e. each connection has unique mark, and corresponding enterprise mark, so as in service request and
In response process, by the correct connection route of Systematic selection to different enterprises services.
5. the system that LAN services according to claim 4 interconnect the method for networking, it is characterised in that the public clothes
Business gateway also carries out safety certification to the connection of enterprise client and terminal applies system, and the enterprise of each access system has
When specific enterprise ID and matching key, enterprise and terminal applies connection system, it is desirable to provide enterprise ID and key, by
The Security Authentication Service that queueing network is shut is verified to relevant information, will forbid connecting and visiting when not through safety certification
Ask enterprises service.
6. the system that LAN services according to claim 5 interconnect the method for networking, it is characterised in that the public clothes
Business gateway, is by running on the entirety that the gateway service run on the one of internet environment group of server, and server is constituted
System, the terminal user towards corporate client provides public service, specifically include with fixed internet access address and
Corresponding serve port;Support the access of enterprise client;Support that terminal applies system is accessed in internet environment;Data are provided
Transmission channel, supports terminal applies access request to be routed to the internal service system of correspondence enterprise, and service enterprises
Response data return to terminal applies;And safety certification and filtering are carried out to terminal applies access.
7. the system that LAN services according to claim 6 interconnect the method for networking, it is characterised in that the enterprise visitor
Family end runs on intranet environment, for setting up network connection and transmission channel with public service gateway, by corporate client
Installation and deployment are in the environment module on enterprises server, specifically including addressable internet and addressable enterprises service
Module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611084767.2A CN106789952B (en) | 2016-11-30 | 2016-11-30 | Method and system for serving local area network into internet |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611084767.2A CN106789952B (en) | 2016-11-30 | 2016-11-30 | Method and system for serving local area network into internet |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106789952A true CN106789952A (en) | 2017-05-31 |
| CN106789952B CN106789952B (en) | 2020-05-15 |
Family
ID=58914087
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611084767.2A Active CN106789952B (en) | 2016-11-30 | 2016-11-30 | Method and system for serving local area network into internet |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106789952B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108551477A (en) * | 2018-03-28 | 2018-09-18 | 深圳市网心科技有限公司 | Data transmission channel establishes system, network storage equipment, server and method |
| CN110493192A (en) * | 2019-07-17 | 2019-11-22 | 北京泰立鑫科技有限公司 | A kind of data safe transmission system and method based on data gateway |
| CN110717149A (en) * | 2019-10-09 | 2020-01-21 | 湖南国科微电子股份有限公司 | Security architecture, operation method and device thereof, and readable storage medium |
| CN111192661A (en) * | 2019-12-31 | 2020-05-22 | 武汉联影医疗科技有限公司 | Method and system for acquiring medical electronic film |
| CN114124477A (en) * | 2021-11-05 | 2022-03-01 | 深圳市联软科技股份有限公司 | Business service system and method |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1787513A (en) * | 2004-12-07 | 2006-06-14 | 上海鼎安信息技术有限公司 | System and method for safety remote access |
| CN1866966A (en) * | 2006-06-14 | 2006-11-22 | 杭州华为三康技术有限公司 | Internet protocol storage area network insulating method and device |
| US20070168458A1 (en) * | 2006-01-16 | 2007-07-19 | Nokia Corporation | Remote access to local network |
| CN101410803A (en) * | 2006-01-24 | 2009-04-15 | 思杰系统有限公司 | Methods and systems for providing access to a computing environment |
| US7818785B2 (en) * | 2007-07-25 | 2010-10-19 | Dell Products L.P. | System and method for secure information handling system memory |
| CN102369747A (en) * | 2009-04-03 | 2012-03-07 | 松下电器产业株式会社 | Mobile communication method, mobile communication system, and corresponding apparatus |
| CN105391734A (en) * | 2015-12-10 | 2016-03-09 | 布比(北京)网络技术有限公司 | Secure login system, secure login method, login server and authentication server |
| US20160261637A1 (en) * | 2010-05-18 | 2016-09-08 | At&T Intellectual Property I, L.P. | End-To-End Secure Cloud Computing |
-
2016
- 2016-11-30 CN CN201611084767.2A patent/CN106789952B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1787513A (en) * | 2004-12-07 | 2006-06-14 | 上海鼎安信息技术有限公司 | System and method for safety remote access |
| US20070168458A1 (en) * | 2006-01-16 | 2007-07-19 | Nokia Corporation | Remote access to local network |
| CN101410803A (en) * | 2006-01-24 | 2009-04-15 | 思杰系统有限公司 | Methods and systems for providing access to a computing environment |
| CN1866966A (en) * | 2006-06-14 | 2006-11-22 | 杭州华为三康技术有限公司 | Internet protocol storage area network insulating method and device |
| US7818785B2 (en) * | 2007-07-25 | 2010-10-19 | Dell Products L.P. | System and method for secure information handling system memory |
| CN102369747A (en) * | 2009-04-03 | 2012-03-07 | 松下电器产业株式会社 | Mobile communication method, mobile communication system, and corresponding apparatus |
| US20160261637A1 (en) * | 2010-05-18 | 2016-09-08 | At&T Intellectual Property I, L.P. | End-To-End Secure Cloud Computing |
| CN105391734A (en) * | 2015-12-10 | 2016-03-09 | 布比(北京)网络技术有限公司 | Secure login system, secure login method, login server and authentication server |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108551477A (en) * | 2018-03-28 | 2018-09-18 | 深圳市网心科技有限公司 | Data transmission channel establishes system, network storage equipment, server and method |
| CN110493192A (en) * | 2019-07-17 | 2019-11-22 | 北京泰立鑫科技有限公司 | A kind of data safe transmission system and method based on data gateway |
| CN110493192B (en) * | 2019-07-17 | 2022-04-15 | 北京泰立鑫科技有限公司 | Data security transmission system and method based on data gateway |
| CN110717149A (en) * | 2019-10-09 | 2020-01-21 | 湖南国科微电子股份有限公司 | Security architecture, operation method and device thereof, and readable storage medium |
| CN111192661A (en) * | 2019-12-31 | 2020-05-22 | 武汉联影医疗科技有限公司 | Method and system for acquiring medical electronic film |
| CN114124477A (en) * | 2021-11-05 | 2022-03-01 | 深圳市联软科技股份有限公司 | Business service system and method |
| CN114124477B (en) * | 2021-11-05 | 2024-04-05 | 深圳市联软科技股份有限公司 | Business service system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106789952B (en) | 2020-05-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105917630B (en) | Use single-sign-on bootstrapping to the redirection for checking agency | |
| CN102316092B (en) | VPN network client for mobile device having fast reconnect | |
| CN106789952A (en) | A kind of LAN services interconnect the method and system of networking | |
| CN102333075B (en) | VPN network client for mobile device having fast reconnect | |
| CN102316093B (en) | Dual-Mode Multi-Service VPN Network Client for Mobile Device | |
| CN102333110B (en) | VPN network client for mobile device having fast reconnect | |
| CN103001999B (en) | For privately owned Cloud Server, intelligent apparatus client and the method for public cloud network | |
| CN104769909B (en) | Certification between net | |
| US6823452B1 (en) | Providing end-to-end user authentication for host access using digital certificates | |
| CN103039038B (en) | Method and system for efficient use of a telecommunication network and the connection between the telecommunications network and a customer premises equipment | |
| CN105025044B (en) | A kind of apparatus control method and system | |
| CN201194396Y (en) | Safe gateway platform based on transparent proxy gateway | |
| CN104322001A (en) | Transport layer security traffic control using service name identification | |
| CN107580065A (en) | A kind of private clound cut-in method and equipment | |
| CN101212374A (en) | Method and system for remote access to campus network resources | |
| CN101420455A (en) | Systems and/or methods for streaming reverse http gateway, and network including the same | |
| CN107612736A (en) | A kind of web browser operation audit method based on container | |
| WO2009032097A1 (en) | Highly scalable architecture for application network appliances | |
| CN109768999A (en) | A kind of SSH multichannel TCP agent method based on WebSocket | |
| CN107295312A (en) | A kind of wireless video safety access system based on SSL VPN | |
| KR101472685B1 (en) | Network connection gateway, a network isolation method and a computer network system using such a gateway | |
| CN110278181A (en) | A kind of instant protocol conversion technology about inter-network data exchange | |
| CN102647300A (en) | Network equipment remote maintenance system and maintenance method | |
| KR20190052541A (en) | Method and apparatus for providing network path between service server and user terminal | |
| CN103384250A (en) | Systems and methods for application-based interception and authorization of ssl/vpn traffic |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |