Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Timestamp-based API replay attack defense system and method

A technology of replay attack and defense system, applied in the field of defense system of API replay attack, can solve problems such as system data leakage, abnormal business data, and disordered business process, so as to ensure fast response, reduce system coupling, and save development. cost effect

Active Publication Date: 2019-12-24
YUNNAN KUNGANG ELECTRONICS INFORMATION TECH CO LTD
View PDF11 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] On the premise of already having technical means such as identity authentication, core data encryption, and data integrity verification, how to prevent criminals from using replay attacks to attack the open API of the information system, resulting in system data leakage, business data abnormalities, and business failures? Problems such as process confusion are urgent problems to be solved in the process of information system construction

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Timestamp-based API replay attack defense system and method
  • Timestamp-based API replay attack defense system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention. In the following description, in order to clearly show the structure and working method of the present invention, the accompanying drawings will be used as the basis to describe with the help of many directional words, but "front", "rear", "left", "right", Words such as "up" and "down" are to be understood as convenient terms, and should not be understood as restrictive terms.

[0054] A timestamp-based defense system for API replay attacks, including a client 1...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a timestamp-based API replay attack defence system and a method, and aims to provide the defense system and the method capable of improving system security. The defense systemcomprises a client and a system server. The client is used as an API request initiator, and the client initiates API access to the system server according to service requirements; assembling interfacerequest parameters according to an established communication protocol, processing a result fed back by the server, and driving the trend of a business process; the client comprises a timestamp synchronization module, a random number generation module and a data signature and encryption module; the system server is used for receiving an API access request from a client and providing an open service; for replay attack defense, intercepting all API requests, judging whether to replay attacks according to request parameters and system records, and recording related request information to form anaudit log module; and the system server comprises a replay attack judgment module, a request record maintenance module and an audit log module.

Description

technical field [0001] The invention relates to the technical field of information system access security, in particular to a time stamp-based defense system and method for API replay attacks. Background technique [0002] With the rapid development of Internet technology, enterprise informatization has penetrated into all aspects of enterprise production, manufacturing and operation management. Different industries and different business fields have spawned many professional information systems for various fields, which have made great contributions to the production and operation of enterprises. huge contribution. These information systems are both independent and interrelated, and there is frequent information interaction between different systems. For example, the e-commerce system may rely on the administrative approval function of the OA office system to complete the approval of item procurement applications, etc. Many systems handle information interaction between sy...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/08H04L9/32H04L29/06
CPCH04L9/0869H04L63/0428H04L63/10H04L63/1441H04L63/0876H04L63/1425H04L63/123H04L9/3297
Inventor 资平飞许斌聂莹邱永华邵翠萍陆培生李晓永
Owner YUNNAN KUNGANG ELECTRONICS INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products