Application program network access control method, device and equipment

A technique for controlling the network access of application programs, applicable to network interconnection, data exchange networks, and data exchange through path configuration. It addresses the problem that traffic accessing the network cannot be precisely controlled, and improves the accuracy of traffic control.

Active Publication Date: 2021-08-24
BEIJING TOPSEC NETWORK SECURITY TECH +2

AI Technical Summary

Problems solved by technology

[0005] Embodiments of the present invention provide a method, device, and equipment for network access control of application programs, to solve the prior-art problem that traffic accessing the network cannot be precisely controlled.


Examples

Embodiment 1

[0054] The first embodiment of the present invention provides a method for application network access control which, as shown in Figure 1, includes:

[0055] Step S101: Obtain a VPN resource and a control access list corresponding to the VPN resource;

[0056] The control access list is set by the VPN server according to the VPN resources. A specific application scenario of the embodiment of the present invention is that the application program (APP) connects to the VPN server through the VPN client and then performs network access through the VPN. After the control access list is set on the VPN server, the VPN client obtains the control access list from the VPN server.

[0057] Step S102: Obtain the message information in the received traffic message;

[0058] The application sends traffic to the VPN client, and the VPN client obtains the response packet information in the traffic after receiving the traffic. The VPN client may be a specific application program installed o...

Embodiment 2

[0085] This embodiment of the present invention is a specific application of the method for application program network access control, as shown in Figure 4.

[0086] Step 1: The VPN server sets the control access list according to the VPN resources.

[0087] Step 2: The VPN client logs into the service.

[0088] Step 3: The VPN client service obtains the VPN resource set by the server in step 1 and its corresponding control access list.

[0089] Step 4: Store the resource obtained in step 3 and its corresponding control access list.

[0090] Step 5: An APP sends traffic to a certain resource of the VPN.

[0091] Step 6: Analyze the traffic message sent by the APP in step 5, and obtain relevant information in the message.

[0092] Step 7: Match the packet information analyzed in step 6 with the VPN resources obtained in step 3.

[0093] Step 8: Use the application network access awareness method to obtain specific APP information and its network connection information. ...

Embodiment 3

[0130] As shown in Figure 5, the embodiment of the present invention provides an application program network access control device, including:

[0131] List obtaining module 501: used to obtain VPN resources and the control access list corresponding to the VPN resources;

[0132] Message information acquisition module 502: used to acquire message information in the received flow message;

[0133] Matching module 503: used to match the message information with the VPN resource;

[0134] Information obtaining module 504: used to obtain the information of the application program and the network connection information of the application program;

[0135] Confirmation module 505: for matching the information of the application program and the network connection information with the control access list, so as to confirm the VPN resources accessed by the application program;

[0136] The control module 506 is configured to control the traffic of the application program acces...
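The decision path through modules 503 to 506 (steps 5 to 8 of Embodiment 2), as an added Python sketch that is not code from the patent. The CIDR-plus-port resource format, the `(protocol, local port)` connection table standing in for the application awareness step, the allow/deny actions, and all sample names and addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Resource:
    name: str
    network: str              # CIDR the resource covers (assumed format)
    port: int
    allowed_apps: frozenset   # control access list for this resource

@dataclass(frozen=True)
class Packet:                 # message information parsed from one traffic message
    proto: str
    src_port: int
    dst_ip: str
    dst_port: int

# Constructed sample data: resources and lists fetched from the VPN server.
RESOURCES = [
    Resource("intranet-web", "10.1.2.0/24", 443, frozenset({"com.example.mail"})),
    Resource("build-ssh", "10.9.0.5/32", 22, frozenset({"com.example.term"})),
]
# Constructed stand-in for the app-awareness step: (proto, local port) -> app.
CONNECTIONS = {("tcp", 40001): "com.example.mail", ("tcp", 40002): "com.example.game"}

def match_resource(pkt, resources):
    """Module 503: match the message information to a VPN resource."""
    dst = ipaddress.ip_address(pkt.dst_ip)
    for res in resources:
        if dst in ipaddress.ip_network(res.network) and pkt.dst_port == res.port:
            return res
    return None

def decide(pkt, resources=RESOURCES, connections=CONNECTIONS):
    """Return (action, resource name) for one traffic message."""
    res = match_resource(pkt, resources)
    if res is None:
        return ("no-match", None)      # assumption: left to other policy
    app = connections.get((pkt.proto, pkt.src_port))   # module 504
    if app is None:
        return ("deny", res.name)      # assumption: unattributed traffic fails closed
    # Modules 505 and 506: check the app against the resource's list, then act.
    return ("allow" if app in res.allowed_apps else "deny", res.name)
```

The point to notice is that the same destination yields different verdicts depending on which application owns the socket, which is what distinguishes this scheme from filtering on packet fields alone.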


Abstract

The present invention discloses a method, device and equipment for network access control of application programs, wherein the method for network access control of application programs includes: acquiring VPN resources and the control access lists corresponding to the VPN resources; acquiring message information in the received traffic message; matching the message information with the VPN resources; obtaining the information of the application program and the network connection information of the application program; matching the information of the application program and the network connection information with the control access list, so as to confirm the VPN resource accessed by the application program; and controlling the traffic of the application program accessing the VPN resource according to the control access list. This solves the problem that traffic accessing the network cannot be precisely controlled, and achieves the positive technical effect of increasing traffic control accuracy.

Description

Technical field

[0001] The invention relates to the field of mobile network security, in particular to a method, device and equipment for network access control of application programs.

Background technique

[0002] The development of VPN technology can enable users to use remote access services safely and cheaply. After the VPN client establishes a connection with the VPN server and establishes a tunnel, data information can safely access the destination network through the tunnel. However, there are still security risks at the end of the tunnel. The terminal program can launch network attacks to the internal network through the VPN tunnel.

[0003] At present, after the enterprise APP initiates network requests, it will import these requests into the local VPN service, then identify the type of network requests obtained by the VPN service, and then intercept the identified illegal requests.

[0004] In the prior art, all traffic accessing the VPN service of the client i...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L12/859, H04L12/46, H04L47/2475
CPC: H04L12/4641, H04L47/2475, H04L63/0272, H04L63/101
Inventor: 李梓瑜, 陈天凯, 罗元
Owner: BEIJING TOPSEC NETWORK SECURITY TECH