CN106257888A - Private cloud routing server connection mechanism for private communication architecture - Google Patents
- Publication number
- CN106257888A CN201510603713.1A
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention discloses a method for providing a secure session-based message connection mechanism between a private cloud routing server (PCRS) and at least one smart device client in a PCRS network. The method includes initializing and opening the PCRS. The method also includes creating a PCRS client and viewing the PCRS client. In addition, the method includes editing the point-to-point password and status of the PCRS. The method also includes changing the point-to-point password by the at least one smart device client. The method also includes resetting the point-to-point password and status by an administrator from the PCRS LAN. Finally, the method includes connecting to the PCRS by the at least one smart device client.
Description
Technical field
The present invention relates generally to networking and, more specifically, to the use of private cloud networks.
Background art
In an Internet-connected environment, smart device clients, including smartphones, tablets, eBook readers, notebook computers, personal computers (PCs) and various smart gadgets, are ubiquitous and omnipresent. Besides connectivity, one of the values of a smart device client is that it can connect anytime and anywhere to obtain services from one or more serving parties or servers. These services include audio and video content, live or archived information, execution of applications, social media, messaging, e-mail, storage, backup, calendar, contacts, synchronization, sharing, remote desktop, Internet of Things (IoT) and others. Other services include real-time, private and secure video, audio, text and application communication between at least two smart device clients. Different types of servers serve these various requests from smart device clients. In general, these servers fall into two groups: public cloud and private cloud. Servers in the public cloud, as the name implies, provide services that are either free with limited functionality or paid with more sophisticated features, and they interact with the general public. Examples of public cloud servers include data centers, social media services and storage/content providers reached over the Internet. Servers in the private cloud, on the other hand, tend to address private needs. In contrast to the services offered by the public cloud, the services offered by the private cloud are more private and personal.
One example of an application of a private cloud server is the private cloud storage server (PCSS). The PCSS sits in a local area network (LAN) managed by the user. It provides online and backup storage for users located in the LAN or in the wide area network (WAN). A user can use a smart device client to access the information in the PCSS anytime and anywhere. The PCSS and its associated smart device clients therefore form an example of a private cloud server and client architecture.
Traditionally, many storage server solutions, including network attached storage (NAS), Windows/Mac/Linux servers and direct attached storage (DAS), have met the requirements of a PCSS. The challenge for smart device clients in this field, however, has always been how to avoid the cumbersome setup needed to penetrate the firewall behind the router on the LAN in order to access a PCSS in a home or office environment. There are at least four kinds of solutions to this challenge.
The first solution is to assign a fixed Internet protocol (IP) address to the router in front of the PCSS and open certain ports on it, so that a smart device client can locate the PCSS from outside the LAN, authenticate itself, penetrate the firewall and establish a secure communication channel with the PCSS.
The second solution applies when a fixed IP address is not available. The user configures the LAN router of the PCSS and opens certain ports that map to the PCSS. The intended smart device client can then locate the router through a dynamic DNS (DDNS) service on the WAN. The smart device client can authenticate itself, penetrate the firewall and establish a secure communication channel with the PCSS.
The third solution relies on another routing server in the WAN to carry virtual private network (VPN) communication between the smart device client and the PCSS. The VPN communication allows the smart device client to locate the PCSS, authenticate itself, penetrate the firewall and establish a secure communication channel with the PCSS.
The fourth solution relies on another routing server in the WAN to carry remote desktop protocol (RDP) or virtual network computing (VNC) communication between the smart device client and the PCSS. The RDP/VNC communication allows the smart device client to locate the PCSS, authenticate itself, penetrate the firewall and establish a secure communication channel with the PCSS. Other solutions can be a mix and match of the solutions above.
In the first scenario, a fixed IP address is required and the router must be set up and configured. The downside is that a fixed IP address costs more and is usually not available in home and small business environments. Router setup and configuration can be very complicated and is not user-friendly for most consumers.
In the second scenario, a DDNS service is required and the router needs even more complex setup. Again, the DDNS setup makes the system more costly and more complex. Router setup and configuration can be very complicated and is not user-friendly for most consumers.
In the third and fourth scenarios, an external routing server or service must be established, while no router setup is needed. The external routing server or service controls and handles login/authentication between the smart device client and the server. The privacy and security of the private cloud can be reduced by this public cloud-based server or service. If the server or service fails for any reason, the communication and availability of the PCSS are jeopardized.
All of these scenarios require technical expertise. That may be suitable for a conventional corporate environment, but these scenarios are not suitable for consumer-oriented, smart device client centric deployment.
In most conventional systems, the smart device client uses an external or public cloud-based routing server while accessing a private cloud service. Using an external server creates a number of concerns for the smart device client owner.
First, trust is always in question, because the external or public cloud-based routing server is the middleman in every communication transaction between the smart device client and the private cloud service. It may hold all user account information, passwords and the corresponding IP addresses of the smart device client and the private cloud service. The routing server can sniff any communication passing through it and render that communication insecure.
Second, because the routing server is external and public cloud-based, the business model of its owner may not always be in line or in sync with that of the smart device client owner. If the routing server goes out of service for any business reason, there is no remedy or replacement option to restore the service. The routing server therefore poses a potentially huge business risk to the user, because a vital link in the communication can be broken without recourse.
Traditionally, for communication between two smart device clients, both parties need to sign in to a public cloud-based server to conduct real-time video, audio, text or application communication. As described above, because the communication has to go through a public cloud-based server, privacy and security are easily compromised.
Accordingly, what is needed is a system and method that addresses the above problems. The present invention addresses such a need.
Summary of the invention
The present invention discloses a method that utilizes a public cloud network. The method includes setting up at least one private cloud routing server (PCRS) and at least one smart device client in a client-server relationship. The at least one PCRS includes a first message box associated with it. The first message box is located on the public cloud network. The at least one smart device client includes a second message box associated with it. The second message box is located on the public cloud network. The method also includes passing session-based messages between the first message box and the second message box in a secure manner.
The secure session-based message connection mechanism between the PCRS and the at least one smart device client includes: initializing and opening the PCRS; creating a PCRS client; viewing the PCRS client; editing, by an administrator, the point-to-point password and status of the PCRS; changing the point-to-point password of the PCRS by the at least one smart device client; resetting, by the administrator from the PCRS LAN, the point-to-point password and status of the PCRS; and connecting to the PCRS by the at least one smart device client. The session-based message is authenticated by the PCRS and the at least one smart device client. The smart device client and the PCRS can communicate with each other after the session-based message is authenticated.
At least one private network service is then securely accessible by the smart device client through the public cloud network, based on the authenticated session-based message. The method also includes setting up at least another smart device client in a client-server relationship with the at least one PCRS. After the session-based message is authenticated, the at least two smart device clients can communicate with the PCRS. The at least two smart device clients can communicate with each other privately and securely through the public cloud network.
Brief description of the drawings
Fig. 1 is a block diagram of a conventional cloud network infrastructure;
Fig. 2 is a block diagram of a first embodiment of a cloud network infrastructure for the connection mechanism between the PCRS and the smart device client according to the present invention;
Fig. 3 is a block diagram of a second embodiment of a cloud network infrastructure for the connection mechanism between the PCRS and the smart device client according to the present invention;
Fig. 4 is a block diagram of a third embodiment of a cloud network infrastructure for the connection mechanism between the PCRS and the smart device client according to the present invention;
Fig. 5 shows the communication flow of initializing and opening the PCRS by the administrator according to the present invention;
Fig. 6 shows the communication flow of creating a client of the PCRS by the administrator according to the present invention;
Fig. 7 shows the communication flow of registering the PCRS client to the PCRS according to the present invention;
Fig. 8 shows the communication flow of the PCRS client connecting from the PCRS client device to the PCRS according to the present invention;
Fig. 9 shows the communication flow of viewing the client of the private cloud;
Fig. 10 shows the communication flow of resetting the point-to-point password and editing the attributes of the PCRS client device by the administrator according to the present invention;
Fig. 11 shows the communication flow of changing the point-to-point password of the PCRS client device by the PCRS client according to the present invention;
Fig. 12 shows the communication flow of the point-to-point (P2P) connection mechanism between client device 1 and client device 2 through the cloud network (prior art);
Fig. 13 is a communication flow diagram of the point-to-point connection mechanism between the PCRS and the PCRS client device through the cloud network.
Description of main reference numerals
100: public cloud
101, 106, 107, 109, 110, 111: smart device client
102: Router_P
103: Router_S
104: LAN
105: LAN
108: private cloud server
112: intermediate routing server
113: public cloud server
114: virtual private network routing server
201, 206, 207, 209, 210, 211, 221: smart device client
202: Router_P
204: physical LAN
208: private cloud routing server
212: intermediate routing server
213: public cloud server
214: virtual private network routing server
215: client message box
216: routing server message box
222, 223, 224, 225: communication path
228: private network service
240: virtual private LAN
250: physical LAN
270: PCRS_Utility
271: PCRS client database
272: routing server message box utility
273: administrator device
274: PCRS_App
275: PCRS server database
276: client message box utility
277: PCRS client device
278: PCRS_App
279: PCRS server database
280: client message box utility
281: invitee device
282: client message box utility
301, 306, 309, 310, 311, 321, 335: smart device client
302: Router_P
308: private cloud routing server
326: communication path
328: private network service
334: LAN
336: private network service
340: VLAN
350: physical LAN
360: physical LAN
401, 409, 410, 411, 421, 435: smart device client
408: private cloud routing server
417: Public_IP_P
426: communication path
434: LAN
436: private network service
440: VLAN
460: physical LAN
500, 501, 502, 503, 504, 505, 506, 507, 508, 510, 511, 512, 513, 514, 515, 516, 540, 541, 542, 543: steps
600, 601, 602, 603, 604, 605, 610, 611, 612, 613, 614, 620, 621, 622, 640, 641, 642: steps
700, 701, 702, 703, 704, 705, 706, 707, 710, 711, 712, 713, 714, 715, 716, 717, 718, 719, 720, 740, 741, 743, 744: steps
800, 801, 802, 803, 804, 805, 806, 807, 808, 809, 810, 811, 812, 813, 814, 815, 816, 817, 820, 840, 841, 842, 843, 844, 845, 846: steps
900, 901, 902, 903, 904, 905, 906, 910, 911, 912, 940, 941, 942: steps
1000, 1001, 1002, 1003, 1004, 1005, 1006, 1007, 1008, 1010, 1011, 1012, 1013, 1014, 1015, 1016, 1017, 1020, 1040, 1041, 1042, 1043, 1044, 1045: steps
1100, 1101, 1102, 1103, 1104, 1105, 1110, 1111, 1112, 1113, 1114, 1115, 1116, 1140, 1141, 1142: steps
1200: intermediate/virtual private network routing server utility
1201: client device 1 application
1202: client device 2 application/utility
1300: PCRS utility (server part)
1301: PCRS client device 1 application
1302: PCRS utility (client part)
Detailed description of the invention
The present invention relates generally to networking and, more specifically, to the use of private cloud networks. The following description is presented to enable one of ordinary skill in the art to make and use the invention, and is provided in the context of a patent application and its requirements. Various modifications to the embodiments and to the generic principles and features described herein will be readily apparent to those skilled in the art. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features described herein.
Throughout this discussion, the term "client" is interchangeable with "smart device client". The term "router" is generally interchangeable with "gateway", "access point" and/or "network address translation" (NAT).
The system and method according to the present invention address the following challenges, in a consumer-oriented environment, for a smart device client in the WAN, so that it can obtain services from a private cloud storage server (PCSS) or any private cloud server (PCS):
1. Access the private cloud server (PCS) anytime and anywhere.
2. Access the private cloud server behind a firewall with a fixed or dynamic IP address.
3. Require no external or public cloud-based routing server in the WAN.
4. Require no additional router setup in the LAN.
5. Authenticate with the private cloud server.
6. Establish a secure communication channel with the private cloud server.
If these challenges can be met and resolved, deployment of private cloud servers or services will increase exponentially because of plug-and-play simplicity and availability. Not using a public cloud-based routing server also removes the technical and business concerns. Private cloud servers used for storage, remote desktop service and the Internet of Things (IoT) then become affordable and widely usable in the private cloud infrastructure.
In a private cloud environment, if more than one private cloud server or service coexists, it is advantageous to split the functions of the private cloud server into two functional blocks: the private cloud routing service (PRS) and the private network service (PNS). The PNS is designed to be managed and accessed by smart device clients in a wired or wireless private network environment. Examples of a PNS include application servers providing remote desktop protocol (RDP), virtual network computing (VNC), office tools, media players and other user-specific applications. A PNS can also act as a storage server that serves the private cloud and contains multiple terabytes of storage. The PRS functions of multiple private cloud routing servers can then be aggregated into a single private cloud routing server (PCRS). The PCRS can generally be referred to as a private cloud router.
The system and method according to the present invention address the following challenges in a consumer-oriented environment, so that a smart device client in the WAN can manage and access the private network service (PNS) from a private cloud routing server (PCRS):
1. Access the private cloud routing server (PCRS) anytime and anywhere.
2. Access the PCRS behind a firewall with a fixed or dynamic IP address.
3. Require no external or public cloud-based routing server in the WAN.
4. Require no additional router setup in the LAN.
5. Authenticate with the PCRS.
6. Establish a secure communication channel with the private network service for management and access.
If the PCRS can meet the above challenges, heterogeneous private cloud servers from different manufacturers and vendors can be broken down into simpler private network services, removing the complexity of private cloud setup, configuration and access.
The purpose of the system and method according to the present invention is to provide a private cloud routing server (PCRS), private network service and client architecture that does not use a routing server. The system and method address the above challenges so that a client can access the private network service (PNS) anytime and anywhere. The system and method also access the PNS behind a firewall with a fixed or dynamic IP address, require no additional router setup and no public cloud-based routing server in the WAN, authenticate with the PCRS, and establish a secure communication channel directly with the PNS.
As shown in Fig. 1, the cloud network infrastructure includes a public cloud 100 located in the WAN, a public cloud server 113, an intermediate routing server 112, a VPN routing server 114, a smart device client 101, Router_P 102 and Router_S 103. Router_S 103 connects LAN 105 to the Internet in the public cloud 100. Router_P 102 connects LAN 104 to the Internet in the public cloud 100. Behind LAN 104 are smart device clients 106 and 107 and a private cloud server (PCS) 108. Behind LAN 105 are smart device clients 109, 110 and 111. A smart device client can be a personal computer, notebook computer, tablet, eBook reader, Global Positioning System (GPS) device, smart TV, set-top box, MP3 player or any networkable embedded device.
In the cloud network infrastructure, the smart device clients are denoted 101, 106, 107, 109, 110 and 111. Any of these smart device clients is interchangeable in this context and discussion. This discussion focuses on smart device client 109 as the representative.
Physically, there are three scenarios in which a smart device client 101, 107 or 109 can connect to the private cloud server 108. First, smart device client 107 determines whether the target is in the locally accessible LAN 104 and decides to connect directly to the private cloud server 108. Second, smart device client 101 determines that the target is not in the locally accessible LAN 104 and decides to connect to the public cloud 100 through the WAN. The WAN locates Router_P 102 and LAN 104, and then connects to the private cloud server 108. Third, smart device client 109 determines that the target is not in the locally accessible LAN 105 and decides to pass through LAN 105 and Router_S 103 and connect to the public cloud 100 in the WAN.
Smart device client 109 then locates Router_P 102 and LAN 104 and connects to the private cloud server 108. The first and second scenarios are two special cases and derivatives of the third scenario. It is therefore useful to focus on the third scenario, which is broader in scope and more complex.
The routing server message box 216 or the client message box 215 can be hosted on an e-mail server, a text message server, a web server, or any kind of server that can host secure messages for information exchange between the private cloud routing server 208 (as server) and the smart device clients 206, 207, 209, 210, 211, 201, 221 (as clients). The routing server message box message_box_P 216 or the client message box message_box_S 215 is accessible and under the secure and private control of the private cloud routing server 208 (as server) or the smart device clients 206, 207, 209, 210, 211, 201, 221 (as clients). The security and business model of the message box is well understood and expected by users in the industry. Should either message box fail for any reason, it can be replaced or redeployed immediately without jeopardizing the communication between the server and the clients in the private cloud infrastructure.
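An added illustration of the message-box idea above, not code from the patent: session messages pass through an untrusted, replaceable mailbox and are accepted only if they verify under a key that both ends derive from the shared point-to-point password. The PBKDF2/HMAC-SHA256 scheme, the nonce replay check and every class and function name are assumptions; the text here does not say how messages are authenticated.

```python
import hashlib
import hmac
import json
import os


def derive_key(p2p_password: str, salt: bytes) -> bytes:
    # Assumption: both ends stretch the shared point-to-point password
    # into a MAC key; the password itself never enters the message box.
    return hashlib.pbkdf2_hmac("sha256", p2p_password.encode(), salt, 100_000)


class MessageBox:
    """Stand-in for a mailbox on a public server. It only stores bytes and
    is treated as untrusted: it may replay or alter what it holds."""

    def __init__(self):
        self._queue = []

    def put(self, blob: bytes) -> None:
        self._queue.append(blob)

    def get(self) -> bytes:
        return self._queue.pop(0)


def seal(key: bytes, sender: str, body: dict) -> bytes:
    # A fresh random nonce makes every session message unique.
    payload = json.dumps(
        {"from": sender, "nonce": os.urandom(16).hex(), "body": body},
        sort_keys=True,
    )
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"payload": payload, "tag": tag}).encode()


class Verifier:
    """Receiving side (PCRS or client): checks the tag, then the nonce."""

    def __init__(self, key: bytes):
        self._key = key
        self._seen = set()

    def open(self, blob: bytes):
        try:
            envelope = json.loads(blob)
            payload = envelope["payload"].encode()
            tag = envelope["tag"].encode()
        except (ValueError, KeyError, TypeError, AttributeError):
            return None  # malformed envelope
        expected = hmac.new(self._key, payload, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), tag):
            return None  # altered in transit, or sealed under another password
        message = json.loads(payload)
        if message["nonce"] in self._seen:
            return None  # replay of a message that was already accepted
        self._seen.add(message["nonce"])
        return message


def demo():
    salt = b"constructed-salt"  # constructed sample values
    key = derive_key("constructed-p2p-password", salt)
    pcrs = Verifier(key)

    box = MessageBox()
    box.put(seal(key, "client-201", {"type": "connect_request"}))
    blob = box.get()
    accepted = pcrs.open(blob)
    replayed = pcrs.open(blob)  # the mailbox hands out the same blob again
    forged = pcrs.open(blob.replace(b"client-201", b"client-999"))

    wrong_key = derive_key("some-other-password", salt)
    outsider = pcrs.open(seal(wrong_key, "client-201", {"type": "connect_request"}))

    # The failed mailbox is replaced; nothing in the check depends on the host.
    new_box = MessageBox()
    new_box.put(seal(key, "client-201", {"type": "connect_request"}))
    after_swap = pcrs.open(new_box.get())
    return accepted, replayed, forged, outsider, after_swap


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The example authenticates messages only; it does not encrypt them, so the mailbox host can still read the payload.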
Fig. 2 shows a block diagram of a first embodiment of a cloud network infrastructure for the secure connection mechanism between the private cloud routing server and the smart device client, used to explore and access private network services across the public cloud. Smart device clients 201, 211 and 221 can locate the private cloud routing server 208 through communication paths 222, 224 and 223 respectively, using the mechanisms disclosed in Figs. 5 to 11. The private cloud routing server 208 then builds a virtual LAN (VLAN) 240 and allows the authorized smart device clients 201, 211 and 221 to join as members of VLAN 240. Smart device client 201, as a host, can initiate private and secure communication through the installed program. Smart device client 211 or 221, as a guest, can receive the communication invitation through the installed program and conduct a private and secure communication session with the host smart device client 201.
As shown in Fig. 2, when smart device client 201 wants to start a communication session as host, the program installed on the host smart device client first locates and logs in to the private cloud routing server (PCRS) 208 via communication path 222. After locating private cloud routing server 208, it joins virtual LAN VLAN 240. The smart device client commits to join the chat communication as host 201. The program allows smart device client 201 to create and host a communication session. The program broadcasts the host session to invite communication guest 221. The program then starts scanning for recognizable guest 221. Once the guest is authenticated, smart device client 201 can, as host, start private and secure communication with the authenticated guest smart device client 221. The private and secure communication includes video, audio, text or an application. The application is a program, utility, operation or remote desktop recognizable by both host and guest.
If smart device client 211 or 221 wants to join a communication session as guest, the program installed on the guest smart device client first locates and logs in to the private cloud routing server (PCRS) 208 via communication path 224 or 223 respectively. After locating private cloud routing server 208, it joins virtual LAN VLAN 240 under the server. The smart device client commits to join the chat communication as guest. The program waits for a communication invitation. Once it receives a communication invitation, smart device client 211 or 221 can join the communication session as guest. The program then starts scanning for a recognizable host. Upon identifying the host, the program goes through the communication login authentication prompted by the host. Once authenticated, the smart device client can join the communication session. Smart device clients 211, 221, as guests, start private and secure communication with host smart device client 201. The private and secure communication includes video, audio, text or an application. The application can be a program, utility, operation or remote desktop recognizable by both host and guest.
In another embodiment of the invention, a smart device client can establish private and secure communication with any reachable service on the physical LAN LAN1 250 or virtual LAN VLAN 240 under the private cloud routing server. As shown in Fig. 2, once smart device client 201, 211 or 221 locates and logs in to private cloud routing server 208, it can access, via secure communication path 225, any private network service 228 reachable on the physical LAN LAN1 250 and virtual LAN VLAN 240 under the private cloud routing server. The private network services include audio, video content, live or archived information, and execution of applications, social media, messaging, e-mail, storage, backup, calendar, phone book, synchronization, sharing, remote desktop, Internet of Things (IoT) and others.
In an embodiment, the communication path 225 between the private cloud routing server (PCRS) and the smart device client can comprise seven sets of commands:
1. Initialize and provision a PCRS (by the administrator from the LAN)
2. Create a PCRS client (by the administrator from the LAN)
3. Register to a PCRS (by a PCRS client from the WAN or the PCRS LAN)
4. Connect to a PCRS (by a PCRS client from the WAN or the PCRS LAN)
5. View PCRS clients (by the administrator from the PCRS LAN)
6. Reset the PCRS peer-to-peer password and status (by the administrator from the PCRS LAN)
7. Change the PCRS peer-to-peer password (by a PCRS client through a virtual private network (VPN) from the PCRS LAN)
Several entities are introduced to realize the secure communication path 225, including but not limited to: administrator, administrator device (Admin Device), PCRS utility (PCRS Utility), PCRS client device, invitee (Invitee) and invitee device (Invitee Device). These entities are defined as follows. The utility is a utility running in the private cloud routing server (PCRS). The administrator device is the device the administrator uses to configure the PCRS. The PCRS client device is the device an invitee uses to communicate with the PCRS. The invitee is a physical party invited by the administrator to access the PCRS services and resources. The invitee device is the smart device client the invitee uses to communicate with the PCRS.
Several terms are introduced, including Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration, and Status in the private cloud routing server (PCRS) client database. These terms are defined as follows. Access_Code is the invitee access code sent by the administrator through the PCRS via message box 216. Code_Expiration is the expiration date/time of the access code, for security purposes. Address_Invitee is the message box address of the invitee. Address_PCRS_Client is the message box address of the PCRS client, which may differ from that of the invitee. Hash_Password_PCRS_P2P is the hashed password for PCRS peer-to-peer communication. It is stored in the PCRS client database. For security reasons, the actual password Password_PCRS_P2P is never stored in the PCRS. Password_PCRS_P2P_Expiration is the expiration of Password_PCRS_P2P. Status is the Active, Inactive or Deleted state of the PCRS_Client recorded in the PCRS client database.
Other terms not associated with the private cloud routing server (PCRS) client database are: Address_PCRS, Password_PCRS, Password_PCRS_Client and the VLAN subnet. They are defined as follows. Address_PCRS and Password_PCRS are used to configure the message box account of the PCRS. They are used only once, during initialization and provisioning of the PCRS, and for security purposes are never stored. Address_PCRS_Client and Password_PCRS_Client are used to configure the message box account of the PCRS client. They are used only once, during creation of the PCRS client in the database. While Address_PCRS_Client is stored in the database, Password_PCRS_Client is never stored, for security purposes. The VLAN subnet is the subnet setting of the virtual private network (VPN). It can be configured and changed to specify a private subnet for security purposes.
As shown in Fig. 2, the private cloud routing server (PCRS) 208 contains PCRS_Utility 270, which in turn contains PCRS client database 271 and routing server message box utility 272. PCRS client database 271 contains the list of registered PCRS clients. Message box utility 272 can communicate with routing server message box 216.
Administrator device 273 is itself a smart device client 207. It contains application utility PCRS_App 274, which in turn contains private cloud routing server (PCRS) server database 275 and client message box utility 276. PCRS server database 275 contains the list of registered PCRS servers. Message box utility 276 can communicate with client message box 215.
Private cloud routing server (PCRS) client device 277 is itself a smart device client 201. It contains application utility PCRS_App 278, which in turn contains PCRS server database 279 and client message box utility 280. PCRS server database 279 contains the list of registered PCRS servers. Message box utility 280 can communicate with client message box 215.
Invitee device 281 is itself a smart device client 221. It contains client message box utility 282. Message box utility 282 can communicate with client message box 215.
The administrator uses utility PCRS_App 274 to initialize and provision private cloud routing server (PCRS) 208 from administrator device 207, as shown in Fig. 5. Administrator device 207 and PCRS 208 are placed on the same physical LAN 204 so that configuration is carried out securely, avoiding hacker attacks from the Internet or the WAN. The administrator first configures the PCRS routing server message box credentials by setting its account name and password. The PCRS routing server message box credentials are then sent to PCRS utility 270 in PCRS 208.
The utility PCRS_App is also used by the administrator to create a private cloud routing server (PCRS) client account, as shown in Fig. 6. The administrator then sets the invitee notification address in PCRS_App 605. It then requests the PCRS to send a connection invitation through routing server message box utility 272 to routing server message box 216, through client message box 215, and eventually to invitee device 281 and its client message box utility 282. Note that routing server message box 216 and client message box 215 are both hosted in message box servers, such as e-mail servers, web servers and message servers. The routing server message box and the client message box can logically be the same or different. After the invitee receives the invitation 620, it retrieves PCRS_App from the PCRS application link 621 and installs PCRS_App on the desired PCRS client device 277. Invitee device 281 is not necessarily the same physical device as PCRS client device 277. To send the invitation, the administrator must know the invitee's message box address Address_Invitee 605.
On the desired private cloud routing server (PCRS) client device 277, the invitee launches PCRS_App 700 and proceeds to register to a PCRS 701, as shown in Fig. 7. At this point the invitee's role changes to that of a PCRS client on PCRS client device 277. The PCRS client then configures its client message box credentials by setting its account name and password, and registers the credentials to client message box 215. The previously received Address_PCRS and Access_Code are then retrieved from invitee device 281 and sent, together with the client message account Address_PCRS_Client, to PCRS 710 via 740. After verification by PCRS utility 270 in PCRS 208, a set of peer-to-peer connection credentials including Password_PCRS_P2P is generated 714. The actual password is sent to invitee device 281 through client message box 215. The hashed password is stored, together with the other client credentials, in the PCRS client database. For security reasons, the actual client peer-to-peer password is never stored in PCRS 208. Instead, its hash value is stored for comparison during verification 716. When PCRS client device 277 receives confirmation of registration 707 from PCRS 208, it records the PCRS identity Address_PCRS in PCRS server database 279 in PCRS_App 278.
PCRS_App provides four commands for the administrator device: "Initialize and Provision", "Create a Client", "View PCRS Client" and "Reset PCRS P2P Password/Edit Attributes", as shown in Figs. 5, 6, 9 and 10. Whenever an administrator operation is involved, access to the private cloud routing server (PCRS) is allowed only from the PCRS LAN (physical or virtual). Because of this restricted access, PCRS setup and configuration take place only on the PCRS LAN, which avoids network traffic sniffing and hacking.
PCRS_App provides three commands for the private cloud routing server (PCRS) client device: "Register to a PCRS", "Change P2P Password" and "Connect to PCRS", as shown in Figs. 7, 8 and 11. In the case of the "Register to a PCRS" command, the PCRS client device can run PCRS_App and connect to the PCRS utility from either the WAN or the PCRS LAN. This is possible because the communication exchange between the PCRS client device and the PCRS utility for registering to the PCRS goes through client message box 215 and routing server message box 216, as shown in Fig. 7. In the case of the "Change P2P Password" command, the PCRS client device must run PCRS_App on the PCRS LAN, after a secure VPN connection from the WAN, because the peer-to-peer password can only be reset on the PCRS LAN. The only way for a PCRS client device to connect to the PCRS LAN is through a secure VPN connection to the virtual LAN of the PCRS, as shown in Fig. 11. In the case of the "Connect to PCRS" command, the PCRS client device has not yet connected to the PCRS from anywhere on the WAN or the PCRS LAN. The result of this command on PCRS_App is the prerequisite for any secure and private connection between the PCRS client device and the PCRS, as shown in Fig. 8.
Fig. 3 shows a block diagram of a second embodiment of the invention. Private cloud routing server 308 connects to the LAN of Router_P 302 in a manner similar to the way private cloud routing server 208 connects to Router_P 202 in Fig. 2. Private cloud routing server 308 also has a physical LAN LAN2 360 connected downstream. Private network service 336 and smart device client 335 are connected downstream. Private network service 336 is reachable via communication path 326 and is connected to private cloud routing server 308 through LAN 334. As long as smart device clients 311, 310, 309, 301, 321, 306 and 335 can explore and access virtual LAN VLAN 340, physical LAN LAN1 350 and physical LAN LAN2 360 across the cloud via private cloud routing server 308, all private network services 328, 336 and smart device clients 306, 335 become reachable.
Fig. 4 shows a block diagram of a third embodiment of the invention. Private cloud routing server 408 links to the cloud and has Public_IP_P 417. Private cloud routing server 408 also has a physical LAN LAN2 460 connected downstream. Private network service 436 and smart device client 435 are connected downstream. Private network service 436 is reachable via communication path 426 and is connected to private cloud routing server 408 through LAN 434. As long as smart device clients 411, 410, 409, 401, 421 and 435 can explore and access both virtual LAN VLAN 440 and physical LAN LAN2 460 across the cloud via private cloud routing server 408, all private network services 436 and smart device clients 435 become reachable.
Fig. 5 shows the communication flow of initializing and provisioning the private cloud routing server (PCRS) by the administrator according to the invention. As shown in Fig. 5, from the administrator device's point of view, the administrator device first connects to the PCRS network on the LAN, via step 500. Then PCRS_App is opened from the PCRS LAN, via step 501. Then the PCRS Address_PCRS is discovered and selected on the LAN, via step 502. The "Initialize and Provision" command is then selected on PCRS_App, via step 503. Afterwards, the PCRS is configured by setting the address and password (Address_PCRS, Password_PCRS) as its identity, via step 504. Then the PCRS is logged in to with the administrator credentials ("Initialize and Provision", Admin_name, Admin_password, Address_PCRS, Password_PCRS), via step 505. The credentials are sent to PCRS utility 510, via step 540. Afterwards, the administrator waits for PCRS authentication, via step 506. Then the virtual LAN subnet and the PCRS application link are configured, via step 507. Via step 542, this is sent to PCRS utility 514. Afterwards, if desired, the PCRS is joined to an existing access point router as a client, via step 508. This information is then sent to PCRS utility 516, via step 543.
From the private cloud routing server (PCRS) utility's point of view, the PCRS administrator credentials ("Initialize and Provision", Admin_name, Admin_password, Address_PCRS and Password_PCRS) are accepted, via step 510. Afterwards, the administrator credentials (Admin_name, Admin_password) are authenticated, via step 511. The credentials are then sent to administrator device 506, via step 541. Then (Address_PCRS, Password_PCRS) are stored as the identity of the PCRS, via step 512. (Address_PCRS, Password_PCRS) are then registered to the routing server message box, via step 513. Afterwards, the virtual LAN subnet and the PCRS application link are stored, via step 514. Then the PCRS_Profile file, including interface protocol, certificates and keys, is generated and saved, via step 515. Finally, the PCRS joins an existing access point router as a client, via step 516.
Fig. 6 shows the communication flow of creating a client for the private cloud routing server (PCRS) by the administrator according to the invention. From the administrator device's point of view, PCRS_App is first opened from the PCRS LAN, via step 600. Then the PCRS at Address_PCRS is discovered and selected, via step 601. The "Create a Client" command is then selected on PCRS_App, via step 602. Afterwards, the invitee notification address Address_Invitee is set, via step 603. Then the PCRS is logged in to with the administrator credentials ("Create a Client", Admin_name, Admin_password, Address_Invitee), via step 604. The credentials are then sent to the PCRS utility, via step 640. Afterwards, the administrator waits for PCRS authentication, via step 605.
From the private cloud routing server (PCRS) utility's point of view, the PCRS administrator credentials ("Create a Client", Admin_name, Admin_password, Address_Invitee) are first accepted, via step 610. Afterwards, the administrator credentials (Admin_name, Admin_password) are authenticated, via step 611. The credentials are then sent to the administrator device, via step 641. Then an Access_Code and a Code_Expiration for the Access_Code are generated, via step 612. Afterwards, (Access_Code, Code_Expiration, Address_Invitee) are stored in the entry (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration, Status) of the PCRS client database, via step 613. An invitation is then sent to the invitee notification address Address_Invitee with (PCRS application link, Address_PCRS, Access_Code and Code_Expiration), via step 614. It is sent to invitee 620 via 642.
From the invitee device's point of view, the invitation is accepted at Address_Invitee with the private cloud routing server (PCRS) application link, Address_PCRS, Access_Code and Code_Expiration, via step 620. Then PCRS_App is retrieved from the PCRS application link, via step 621. Finally, PCRS_App is installed on the PCRS client device, via step 622.
Fig. 7 shows the communication flow of registering a private cloud routing server (PCRS) client to the PCRS according to the invention. From the PCRS client device's point of view, PCRS_App is opened from the WAN or the PCRS LAN, via step 700. Then, if needed (not shown), a PCRS client address (Address_PCRS_Client) is created. Next, the "Register a Private Cloud Routing Server" command is selected on PCRS_App, via step 701. Then, if the PCRS client is not yet configured, Address_PCRS_Client and Password_PCRS_Client are set, via step 702, where Password_PCRS_P2P is the message box password associated with the message box 216 address of the client at Address_PCRS_Client for peer-to-peer communication. Next, Address_PCRS_Client and Password_PCRS_Client are registered to the client message box, via step 702. Then Address_PCRS and Access_Code are retrieved from the invitee, via step 703. This information was originally received by invitee device 620. Next, Address_PCRS and Access_Code are sent to the PCRS through the client message box with the client credentials ("Register a Private Cloud Routing Server", Address_PCRS, Address_PCRS_Client, Access_Code), via step 704. Then Address_PCRS and Access_Code are sent to PCRS device 710, via step 740. Then the PCRS client device waits for PCRS authentication through the client message box, via step 705. Then the PCRS client device waits for confirmation through the client message box that PCRS registration is complete, via step 706. Then the Address_PCRS entry is registered in the PCRS server database on PCRS_App if it is a new entry, via step 707.
From the private cloud routing server (PCRS) utility's point of view, the PCRS client credentials ("Register a Private Cloud Routing Server", Address_PCRS, Address_PCRS_Client, Access_Code) are accepted, via step 710. A check is made as to whether Address_PCRS_Client is already in the PCRS client database, via step 712. If so, the invitee's designated PCRS client address (Address_PCRS_Client) is acknowledged with the PCRS address (Address_PCRS), via step 719, and the flow returns. Otherwise, the Access_Code is authenticated, via step 712. Then the Code_Expiration on the Access_Code is authenticated in the PCRS client database, via step 713. Next, the Code_Expiration on the Access_Code is sent to PCRS client device 705, via 741. Then (Password_PCRS_P2P, Password_PCRS_P2P_Expiration, Status) associated with (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client) are generated, via step 714. The hashed value of Password_PCRS_P2P is then saved as Hash_Password_PCRS_P2P 715. Then (Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration, Status) are stored in the entry (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration, Status) of the PCRS client database, via step 716. Then Password_PCRS_P2P is sent to the invitee notification address Address_Invitee, via step 717. Password_PCRS_P2P is then sent to invitee 720, via step 743. Next, Password_PCRS_P2P is cleared, via step 718. Then the invitee's designated PCRS client address (Address_PCRS_Client) is acknowledged with the PCRS address (Address_PCRS), via step 719. Then the invitee's designated PCRS client address is sent to PCRS client device 706, via step 744.
From the invitee device's point of view, Password_PCRS_P2P is accepted and saved for future use, via step 720.
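The PCRS-side credential handling of Figs. 6 and 7, together with the hash comparison used at login, can be sketched as follows. This is an added example and not code from the patent: the field names come from the page, while the PBKDF2 hash, the per-entry salt, the lifetimes, the initial Inactive status, the single-use access code and all function names are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import List, Optional

# Assumed values: the page names these fields but gives no lifetimes or hash.
ACCESS_CODE_TTL = 24 * 3600          # seconds an Access_Code stays valid
P2P_PASSWORD_TTL = 90 * 24 * 3600    # seconds a Password_PCRS_P2P stays valid
KDF_ITERATIONS = 100_000             # PBKDF2-HMAC-SHA256 work factor


@dataclass
class ClientEntry:
    """One PCRS client database entry, using the page's field names."""
    Access_Code: str
    Code_Expiration: float
    Address_Invitee: str
    Address_PCRS_Client: Optional[str] = None
    Hash_Password_PCRS_P2P: Optional[bytes] = None
    Password_PCRS_P2P_Expiration: Optional[float] = None
    Status: str = "Inactive"   # assumption: Inactive until registration completes
    salt: bytes = b""          # assumption: per-entry salt, not named on the page


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, slow hash; only this value is ever kept on the PCRS."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS)


def create_client(db: List[ClientEntry], address_invitee: str, now: float) -> ClientEntry:
    """Fig. 6, steps 612-613: generate Access_Code and Code_Expiration, store them."""
    entry = ClientEntry(secrets.token_urlsafe(16), now + ACCESS_CODE_TTL, address_invitee)
    db.append(entry)
    return entry


def register_client(db: List[ClientEntry], address_pcrs_client: str,
                    access_code: str, now: float) -> Optional[str]:
    """Fig. 7, PCRS side. Returns the cleartext Password_PCRS_P2P exactly once so the
    caller can send it to Address_Invitee and then drop it (steps 717-718).
    Returns None if the client address is already registered."""
    if any(e.Address_PCRS_Client == address_pcrs_client for e in db):
        return None
    entry = next((e for e in db if hmac.compare_digest(
        e.Access_Code.encode(), access_code.encode())), None)
    # Assumption: an Access_Code is single-use once bound to a client address.
    if entry is None or entry.Address_PCRS_Client is not None:
        raise PermissionError("unknown or already used Access_Code")
    if now > entry.Code_Expiration:
        raise PermissionError("Access_Code expired")
    password = secrets.token_urlsafe(24)                                # step 714
    entry.salt = secrets.token_bytes(16)
    entry.Hash_Password_PCRS_P2P = hash_password(password, entry.salt)  # step 715
    entry.Password_PCRS_P2P_Expiration = now + P2P_PASSWORD_TTL
    entry.Address_PCRS_Client = address_pcrs_client                     # step 716
    entry.Status = "Active"
    return password


def verify_p2p(db: List[ClientEntry], address_pcrs_client: str,
               password: str, now: float) -> bool:
    """Login check for "Connect to PCRS": compare against the stored hash only."""
    entry = next((e for e in db if e.Address_PCRS_Client == address_pcrs_client), None)
    if entry is None or entry.Status != "Active" or entry.Hash_Password_PCRS_P2P is None:
        return False
    if now > entry.Password_PCRS_P2P_Expiration:
        return False
    candidate = hash_password(password, entry.salt)
    return hmac.compare_digest(candidate, entry.Hash_Password_PCRS_P2P)


if __name__ == "__main__":
    db: List[ClientEntry] = []
    invite = create_client(db, "invitee@example.test", now=0.0)   # constructed address
    p2p = register_client(db, "client@example.test", invite.Access_Code, now=60.0)
    print("login ok:", verify_p2p(db, "client@example.test", p2p, now=120.0))
    print("wrong password:", verify_p2p(db, "client@example.test", "guess", now=120.0))
```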
Fig. 8 shows the communication flow of connecting from the private cloud routing server (PCRS) client device to the PCRS by the PCRS client according to the invention. From the PCRS client device's point of view, PCRS_App is opened from the WAN or the PCRS LAN, via step 800. Then an Address_PCRS is selected from the registered PCRS router database, via step 801. Next, the "Connect to PCRS" command is selected on PCRS_App, via step 802. Then a peer-to-peer connection request is sent to Address_PCRS, via step 803. The peer-to-peer connection request is then sent to PCRS utility 810, via step 840. Next, peer-to-peer negotiation starts using Address_PCRS_Client to communicate with the PCRS at Address_PCRS, via step 804. The PCRS client device then communicates with PCRS utility 811, via step 841. Then the PCRS_Profile file is accepted to start the smart VPN connection with the PCRS at Address_PCRS, via step 805. Next, a peer-to-peer connection is established between the PCRS and the client device, via step 806. The PCRS client device then communicates with PCRS utility 813, via step 843. Then the PCRS is logged in to with the client credentials ("Connect to PCRS", Address_PCRS, Address_PCRS_Client, Password_PCRS_P2P), via step 807. The client credentials are then sent to PCRS utility 814, via step 844. Next, the PCRS client device waits for authentication, via step 808. Then secure peer-to-peer communication starts, via step 809. The PCRS client device then communicates with PCRS utility 817, via step 846. Then the PCRS client device securely connects to the virtual private LAN on the PCRS, via step 820.
From the perspective of the private cloud routing server (PCRS) utility, via step 810, the peer-to-peer connection request from Address_PCRS_Client is accepted. Then, via step 811, peer-to-peer negotiation is started using Address_PCRS, to communicate with the PCRS client at Address_PCRS_Client. Next, via step 841, the PCRS utility communicates with the PCRS client device 804. Subsequently, via step 812, the PCRS_Profile file is sent to Address_PCRS_Client to start the smart VPN connection. Then, via step 842, the PCRS_Profile file is sent to the PCRS client device 805. Next, via step 813, a peer-to-peer connection is established between the PCRS and the client device. Subsequently, via step 843, the PCRS utility communicates with the PCRS client device 806. Then, via step 814, the PCRS client credentials ("Connect to private cloud routing server", Address_PCRS, Address_PCRS_Client, Password_PCRS_P2P) are accepted. Next, via step 815, the entry list (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration, Status) in the PCRS client database is searched based on Address_PCRS_Client. Next, via step 816, the existing peer-to-peer (P2P) password is verified by checking whether its hash value matches the Hash_Password_PCRS_P2P entry for Address_PCRS_Client in the PCRS client database. Subsequently, via step 845, the existing peer-to-peer (P2P) password is sent to the PCRS client device 808. Then, via step 817, secure peer-to-peer communication is started. Next, via step 846, the PCRS utility communicates with the PCRS client device 809.
Fig. 9 shows the communication flow, according to the present invention, by which an administrator views the clients of the private cloud routing server (PCRS). From the administrator device's perspective, via step 900, PCRS_App is opened from the PCRS LAN. Then, via step 901, Address_PCRS is selected from the database of registered PCRS routers (PCRS Router). Next, via step 902, the "View private cloud routing server client" command is selected in PCRS_App. Subsequently, via step 903, a View entry in the PCRS client database is selected as the look-up index. Then, via step 904, the administrator logs in to the PCRS with the administrator credentials ("View private cloud routing server client", Admin_name, Admin_password, View entry). Next, via step 940, the administrator credentials are sent to the PCRS utility 910. Subsequently, via step 905, the administrator device waits for PCRS authentication. Then, via step 906, the entry list in the PCRS client database (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration and Status) is displayed based on the look-up index.
From the perspective of the private cloud routing server (PCRS) utility, via step 910, the PCRS client credentials ("View private cloud routing server client", Admin_name, Admin_password, View entry) are accepted. Then, via step 911, the administrator credentials (Admin_name, Admin_password) are authenticated. Next, via step 941, the administrator credentials are sent to the administrator device 905. Subsequently, via step 912, the View entry is used as the look-up index, and the entry list in the PCRS client database (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration, Status) is returned based on the look-up index. Then, via step 942, the reply is sent to the administrator device 906.
Figure 10 shows the communication flow, according to the present invention, by which an administrator resets the peer-to-peer password and edits the attributes of a private cloud routing server (PCRS) client device. From the administrator device's perspective, via step 1000, PCRS_App is opened from the PCRS LAN. Then, via step 1001, Address_PCRS is selected from the database of registered PCRS routers. Next, via step 1002, the "Reset P2P Password/Edit Attributes" command is selected in PCRS_App. Subsequently, via step 1003, the invitee notification address Address_Invitee is entered as the look-up index. Then, via step 1004, the administrator logs in to the PCRS with the administrator credentials ("Reset P2P Password/Edit Attributes", Admin_name, Admin_password and Address_Invitee). Next, via step 1040, the administrator credentials are sent to the PCRS utility 1010. Subsequently, via step 1005, the administrator device waits for PCRS authentication. Then, via step 1006, the entry list is displayed based on Address_Invitee in the PCRS client database (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration, Status). If the "Reset P2P Password" command is selected, then via step 1007 the administrator device waits for completion. If "Edit Attributes" is selected, then via step 1008 the attributes are edited as desired. The attributes include but are not limited to the PCRS client status (active, inactive, deleted), the VLAN subnet and the PCRS application link (PCRS App link). Subsequently, via step 1044, the attributes are sent to the PCRS utility 1017.
From the perspective of the private cloud routing server (PCRS) utility, via step 1010, the PCRS administrator credentials ("P2P Password/Edit Attributes", Admin_name, Admin_password and Address_Invitee) are accepted. Via step 1011, the administrator credentials (Admin_name, Admin_password) are authenticated. Then, via step 1041, the PCRS administrator credentials are sent to the administrator device 1005. Next, via step 1012, Address_Invitee is used as the look-up index, and the entry list is returned based on Address_Invitee in the PCRS client database (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration and Status). Then, via step 1042, the reply is sent to the PCRS utility 1006. If the "Reset P2P Password" command is selected, then via step 1013 a new Password_PCRS_P2P is generated; via step 1014, the hash value of Password_PCRS_P2P is saved in Hash_Password_PCRS_P2P. Next, via step 1043, the new Password_PCRS_P2P is sent to the administrator device 1007. Subsequently, via step 1015, (Access_Code, Password_PCRS_P2P) is sent to the invitee notification address, and Password_PCRS_P2P is cleared. Then, via step 1045, (Access_Code, Password_PCRS_P2P) is sent to the invitee 1020. If, via step 1016, the "Edit Attributes" command is selected, then via step 1017 the edited attributes are accepted and stored in the PCRS.
From the invitee device's perspective, via step 1020, (Access_Code, Password_PCRS_P2P) is accepted at the invitee notification address Address_Invitee.
Figure 11 shows the communication flow, according to the present invention, by which a private cloud routing server (PCRS) client changes the peer-to-peer password of the PCRS client device. From the PCRS client device's perspective, via step 1100, after a secure VPN connection from the wide area network, PCRS_App is opened on the PCRS LAN. Then, via step 1101, Address_PCRS is selected from the database of registered PCRS routers. Next, via step 1102, the "Change P2P Password" command is selected in PCRS_App. Via step 1103, the client logs in to the PCRS with the client credentials ("Change P2P Password", Address_PCRS, Address_PCRS_Client and Password_PCRS_P2P). Next, via step 1140, the client credentials are sent to the PCRS utility 1110. Subsequently, via step 1104, the PCRS client device waits for PCRS authentication. Then, via step 1105, the new peer-to-peer password is entered and re-entered until the two entries match. Subsequently, via step 1142, the new peer-to-peer password is sent to the PCRS utility 1113.
From the perspective of the private cloud routing server (PCRS) utility, via step 1110, the PCRS client credentials ("Change P2P Password", Address_PCRS, Address_PCRS_Client and Password_PCRS_P2P) are accepted. Then, via step 1111, the Hash_Password_PCRS_P2P entry is searched for in the PCRS client database based on Address_PCRS_Client. Next, via step 1112, the existing peer-to-peer password is verified by checking whether its hash value matches the Hash_Password_PCRS_P2P entry for Address_PCRS_Client in the PCRS client database (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration, Status). Subsequently, via step 1141, the existing peer-to-peer password is sent to the PCRS client device 1104. Then, via step 1113, the new peer-to-peer password Password_PCRS_P2P is accepted. Next, via step 1114, the new peer-to-peer password is hashed as Hash_Password_PCRS_P2P. Subsequently, via step 1115, the Hash_Password_PCRS_P2P entry is updated based on Address_PCRS_Client in the PCRS client database (Access_Code, Code_Expiration, Address_Invitee, Address_PCRS_Client, Hash_Password_PCRS_P2P, Password_PCRS_P2P_Expiration and Status). Then, via step 1116, the peer-to-peer password Password_PCRS_P2P is cleared.
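Steps 814 to 816 of Fig. 8 and steps 1110 to 1116 of Fig. 11 keep only a hash of Password_PCRS_P2P in the client database and clear the plaintext after use. The Python example below is added here and is not part of the patent: the entry field names are the patent's, while the salted PBKDF2-HMAC-SHA256 hash, the Salt and Iterations fields, the constant-time comparison, the Status and expiration checks at login, and all sample values are assumptions, since the patent names no algorithm.

```python
import hashlib
import hmac
import os
import time
from dataclasses import dataclass

PBKDF2_ITERATIONS = 600_000  # assumption: the patent specifies no hash or cost


def hash_password(password, salt, iterations):
    """Derive the value stored in Hash_Password_PCRS_P2P (salted, slow hash)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations)


def wipe(buf):
    """Overwrite a mutable password buffer (steps 718, 1015 and 1116)."""
    for i in range(len(buf)):
        buf[i] = 0


@dataclass
class ClientEntry:
    # Field names follow the patent; Salt and Iterations are added assumptions.
    Access_Code: str
    Code_Expiration: float
    Address_Invitee: str
    Address_PCRS_Client: str
    Hash_Password_PCRS_P2P: bytes
    Password_PCRS_P2P_Expiration: float
    Status: str
    Salt: bytes
    Iterations: int


class ClientDatabase:
    """PCRS client database keyed by Address_PCRS_Client."""

    def __init__(self, iterations=PBKDF2_ITERATIONS):
        self.iterations = iterations
        self.entries = {}
        self._dummy_salt = os.urandom(16)  # used when the address is unknown

    def create_client(self, access_code, invitee, client_addr, password, ttl, now=None):
        """Store the hash only, then clear the plaintext buffer."""
        now = time.time() if now is None else now
        salt = os.urandom(16)
        entry = ClientEntry(access_code, now + ttl, invitee, client_addr,
                            hash_password(password, salt, self.iterations),
                            now + ttl, "active", salt, self.iterations)
        self.entries[client_addr] = entry
        wipe(password)
        return entry

    def verify(self, client_addr, password, now=None):
        """Steps 815-816 / 1111-1112: look up the entry, compare hashes."""
        now = time.time() if now is None else now
        entry = self.entries.get(client_addr)
        # Hash even for unknown addresses so response time does not reveal
        # which Address_PCRS_Client values exist.
        salt = entry.Salt if entry else self._dummy_salt
        iterations = entry.Iterations if entry else self.iterations
        candidate = hash_password(password, salt, iterations)
        wipe(password)
        if entry is None:
            return False
        matches = hmac.compare_digest(candidate, entry.Hash_Password_PCRS_P2P)
        usable = (entry.Status == "active"
                  and now < entry.Password_PCRS_P2P_Expiration)
        return matches and usable

    def change_password(self, client_addr, old_password, new_password, now=None):
        """Steps 1112-1116: verify the old password, store the new hash, clear."""
        if not self.verify(client_addr, old_password, now):
            wipe(new_password)
            return False
        entry = self.entries[client_addr]
        entry.Salt = os.urandom(16)  # fresh salt for every new password
        entry.Iterations = self.iterations
        entry.Hash_Password_PCRS_P2P = hash_password(
            new_password, entry.Salt, entry.Iterations)
        wipe(new_password)
        return True


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    db = ClientDatabase()
    addr = "client@example.test"
    db.create_client("AC-0001", "invitee@example.test", addr,
                     bytearray(b"constructed-p2p-password"), ttl=3600)
    print("login ok:", db.verify(addr, bytearray(b"constructed-p2p-password")))
    print("wrong password:", db.verify(addr, bytearray(b"guess")))
    print("changed:", db.change_password(
        addr, bytearray(b"constructed-p2p-password"), bytearray(b"new-password")))
```

Passwords are passed as `bytearray` so the buffer can be overwritten; a Python `str` cannot be cleared in place.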
Figure 12 shows the communication flow of the peer-to-peer connection mechanism between client device 1 and client device 2 through the cloud network (prior art). Client device 1 and client device 2 on the cloud network can communicate with each other through a publicly accessible intermediate routing server or VPN routing server 112, 114. The client device 1 application 1201 first registers with the intermediate/VPN routing server utility 1200, giving its Internet protocol (IP) address and port capability in the Transmission Control Protocol/User Datagram Protocol (TCP/UDP). The client device 1 application, IP address and port are kept alive with the routing server 1203. Client device 1 then asks the routing server utility 1200 for a connection to client device 2 1204. The routing server utility 1200 then notifies the client device 2 utility 1202 of client device 1's IP address and port capability in TCP/UDP and of its intention to connect 1205. The client device 2 application 1202 then replies to the routing server utility 1200 with its own registration, including its IP address and port capability in TCP/UDP. The IP address and port capability of client device 2 are kept alive by the connection to the routing server utility 1200. The routing server utility 1200 then responds 1207 to the client device 1 application 1201 with client device 2's IP address and port capability in TCP/UDP. After receiving client device 2's IP address and port capability in TCP/UDP, the client device 1 application 1201 starts punching holes through the firewall of client device 2 1208. The client device 2 application 1202 also starts punching holes through the firewall of client device 1 1209. Eventually, the firewall holes are punched through on both sides. Peer-to-peer communication 1210 starts between client device 1 and client device 2. Note that without the publicly accessible intermediate/VPN routing server, the connection mechanism between the routing server utility and client device 1 or client device 2 is not possible. Having to rely on a publicly accessible intermediate/VPN routing server is the fundamental flaw of this connection mechanism.
Figure 13 is a communication flow diagram of the peer-to-peer connection mechanism between the private cloud routing server (PCRS) and a PCRS client device through the cloud network. It shows that, according to the present invention, a client device connects to and accesses a server, another client device, or the network services under the server through the cloud network without needing a publicly accessible intermediate/VPN routing server. As shown in Figure 13, client device 1 and the PCRS on the cloud network can communicate with each other without going through a publicly accessible intermediate routing server or VPN routing server 112, 114. With its Internet protocol (IP) address and port capability in the Transmission Control Protocol/User Datagram Protocol (TCP/UDP), the client device 1 application 1301 first requests a connection to the PCRS utility (server part) 1300 through client message box 215 and the PCRS utility 803 shown in Fig. 8. The PCRS client device 1 application, IP address and port are kept alive with the PCRS utility 1303. The PCRS utility (server part) receives the registration through routing server message box 216. PCRS client device 1 then, also through client message box 215, asks the PCRS utility (server part) 1300 for a connection to the PCRS utility (client part) 1304. The PCRS utility (server part) 1300 receives the request through routing server message box 216 and notifies the PCRS utility (client part) 1302 of PCRS client device 1's IP address and port capability in TCP/UDP and of its intention to connect 1305. The PCRS utility (client part) 1302 then replies to the PCRS utility (server part) 1300 with its own registration, including its IP address and port capability in TCP/UDP. The IP address and port capability of client device 2 are kept alive by the connection to the PCRS utility (server part) 1300. The PCRS utility (server part) 1300 then responds 1307, through routing server message box 216, to the client device 1 application 1301 with client device 2's IP address and port capability in TCP/UDP. After receiving, through client message box 215, the IP address and port capability in TCP/UDP of the PCRS utility (client part), the PCRS client device 1 application 1301 starts punching holes through the firewall of the PCRS utility (client part) 1308. The PCRS utility (client part) 1302 also starts punching holes through the firewall of PCRS client device 1 1309. Eventually, the firewall holes are punched through on both sides. Peer-to-peer communication 1310 starts between PCRS client device 1 and the PCRS utility (client part). All information exchange between the PCRS utility and PCRS client device 1 goes through routing server message box 216 and client message box 215, rather than through a publicly accessible intermediate routing server 212 or VPN routing server 214. PCRS client device 1 can then securely connect to the virtual private LAN on the PCRS, as shown in 820. PCRS client device 1 can access any client device 206 or private network service 228 accessible under the PCRS. Other PCRS client devices 201, 221, 209, 210, 211 can connect to the PCRS through the same connection mechanism as shown in Figure 13. Once any pair of PCRS client devices is connected to the virtual private LAN 240 of the PCRS, they can communicate privately and securely among themselves by text, audio or video.
Although the present invention has been described in accordance with the embodiments shown, one of ordinary skill in the art will readily recognize that there could be variations to the embodiments and that those variations would be within the spirit and scope of the present invention. Accordingly, many modifications may be made by one of ordinary skill in the art without departing from the spirit and scope of the appended claims.
Claims (12)
1. A method for use with a public cloud network, characterized in that the method comprises:
setting up at least one private cloud routing server and at least one smart device client in a master-slave relationship, wherein the at least one private cloud routing server comprises a first message box associated therewith, the first message box being located on the public cloud network; wherein the at least one smart device client comprises a second message box associated therewith; the second message box being located on the public cloud network;
passing session-based messages between the first message box and the second message box in a secure manner, wherein the secure session-based message connection mechanism between the private cloud routing server and the at least one smart device client comprises: initializing and provisioning the private cloud routing server, creating a private cloud routing server client, viewing the private cloud routing server client, editing the peer-to-peer password and status of the private cloud routing server, changing the peer-to-peer password of the private cloud routing server by the at least one smart device client, and connecting to the private cloud routing server by the at least one smart device client;
wherein the session-based messages are authenticated by the private cloud routing server and the at least one smart device client, wherein the at least one smart device client and the private cloud routing server can communicate with each other after the session-based messages are authenticated, and wherein at least one private network service is then securely accessible by the smart device client through the public cloud network based on the authenticated session-based messages; and
setting up at least another smart device client in the master-slave relationship, wherein after the session-based messages are authenticated, the at least one smart device client and the at least another smart device client can communicate with the private cloud routing server, and wherein the at least one smart device client and the at least another smart device client can communicate with each other privately and securely through the public cloud network.
2. The method of claim 1, characterized in that the at least one private cloud routing server comprises:
a computing device;
a connection to a network;
a program that causes the at least one private cloud routing server to:
(a) create and manage an authorized client list to accommodate a plurality of smart device clients;
(b) send a session-based invitation to the second message box;
(c) retrieve a session-based access request of the at least one smart device client from the first message box; and
(d) send a session-based acknowledgement to the second message box.
3. The method of claim 2, characterized in that the program further causes the at least one private cloud routing server to:
(e) send a communication request to the at least one smart device client;
(f) punch a hole in a router to keep it open pending the smart device client response;
(g) wait for the router to bind the network connection between the at least one smart device client and the at least one private cloud routing server;
(h) route the incoming request from the at least one smart device client to the at least one private cloud routing server;
(i) establish secure peer-to-peer communication with the at least one smart device client;
(j) enable the at least one smart device client to access the at least one private network service; and
(k) enable private and secure communication between the at least one smart device client and the at least another smart device client.
4. The method of claim 2, characterized in that the at least one smart device client comprises:
a computing device;
a connection to a network through a router;
wherein the router has a program, the program causing the at least one smart device client to:
(a) retrieve a session-based invitation from the second message box;
(b) send a session-based access request to the first message box;
(c) retrieve a session-based acknowledgement from the first message box;
(d) send a communication request to the at least one private cloud routing server;
(e) punch a hole in the router to keep it open pending the response of the at least one private cloud routing server;
(f) wait for the router to bind the network connection between the at least one private cloud routing server and the at least one smart device client;
(g) route the incoming request from the at least one private cloud routing server to the at least one smart device client;
(h) establish secure peer-to-peer communication with the at least one private cloud routing server;
(i) access the at least one private network service through the at least one private cloud routing server; and
(k) communicate with at least another smart device client through the private cloud routing server.
5. The method of claim 2, characterized in that the at least one smart device client comprises:
a computing device;
a wired or wireless connection to a network;
a program that causes the at least one smart device client to:
(a) retrieve a session-based invitation from the message box of the at least one smart device client;
(b) send a session-based reply to the message box of the private cloud routing server;
(c) retrieve a session-based acknowledgement from the message box of the at least one smart device client;
(d) send an access request to the at least one private cloud routing server;
(e) wait for the at least one private cloud routing server to respond;
(f) bind the network connection between the at least one private cloud routing server and the at least one smart device client;
(g) route the incoming request from the at least one private cloud routing server to the at least one smart device client;
(h) establish secure peer-to-peer communication with the at least one private cloud routing server;
(i) access the at least one private network service through the at least one private cloud routing server; and
(j) communicate with the at least another smart device client through the at least one private cloud routing server.
6. The method of claim 4, characterized in that the program makes it possible to:
access the at least one private cloud routing server anytime and anywhere;
access the at least one private cloud routing server behind a firewall with a fixed or dynamic Internet protocol address; wherein the at least one smart device client requires no outside or public cloud based routing server in the wide area network; requires no additional router setup in the local area network; and establishes a secure peer-to-peer communication channel with the private cloud routing server;
access private network services through the private cloud routing server; and
communicate with at least another smart device client through the private cloud routing server.
7. The method of claim 5, characterized in that the program makes it possible to:
access the private cloud routing server anytime and anywhere;
access the private cloud routing server behind the firewall with a fixed or dynamic Internet protocol address; wherein the smart device client requires no outside or public cloud based routing server in the wide area network; requires no additional router setup in the local area network; and establishes a secure peer-to-peer communication channel with the server;
access private network services through the at least one private cloud routing server; and
communicate with the at least another smart device client through the at least one private cloud routing server.
8. The method of claim 4, characterized in that the program makes it possible to:
access the at least one private cloud routing server anytime and anywhere;
access the at least one private cloud routing server behind a firewall with a fixed or dynamic Internet protocol address; wherein the at least one smart device client requires no outside or public cloud based routing server in the wide area network; requires no additional router setup in the local area network; and establishes a secure peer-to-peer communication channel with the private cloud routing server;
map local physical input/output to virtual private cloud routing server input/output;
access private network services through the private cloud routing server; and
communicate with at least another smart device client through the private cloud routing server.
9. The method as claimed in claim 5, characterized in that the program enables:
Accessing the private cloud routing server anytime and anywhere;
Accessing the private cloud routing server behind a firewall with a fixed or dynamic Internet Protocol address; wherein the smart client requires no outside or public cloud-based routing server in the wide area network, requires no additional router setup in the local area network, and establishes secure point-to-point communication with the server;
Mapping local physical input/output to virtual server input/output;
Accessing private network services via the private cloud routing server; and
Communicating with the at least another smart client via the private cloud routing server.
10. A method for providing a secure session-based message connection mechanism between a private cloud routing server and at least one smart device client in a private cloud routing server network, characterized in that the method comprises:
Initializing and opening the private cloud routing server;
Creating a private cloud routing server client;
Viewing the private cloud routing server client;
Editing the point-to-point password and status of the private cloud routing server;
Changing the point-to-point password by the at least one smart client;
Resetting the point-to-point password and status by an administrator from the private cloud routing server local area network; and
Connecting to the private cloud routing server by the at least one smart client.
11. A method for a communication flow, via a connection mechanism of a cloud network, between a private cloud routing server and a private cloud routing server client device, characterized in that the method comprises:
A client device application requesting, via a client message box, to connect to a private cloud routing server utility; wherein the server part of the private cloud routing server utility receives the registration via a routing server message box;
The private cloud routing server client device requesting, via the client message box, that the server part of the private cloud routing server utility connect to the client part of the private cloud routing server utility;
The server part of the private cloud routing server utility receiving the request via the routing server message box;
The server part of the private cloud routing server utility notifying the client part of the private cloud routing server utility of the server part's intention to connect;
The client part of the private cloud routing server utility replying to the server part of the private cloud routing server utility with its own registration;
The server part of the private cloud routing server utility responding to the client device application via the routing server message box;
Punching a hole through the firewall of the client part of the private cloud routing server utility;
Punching a hole through the firewall of the private cloud routing server client device;
Starting point-to-point communication between the private cloud routing server client device and the client part of the private cloud routing server utility; wherein all information exchange between the private cloud routing server utility and the private cloud routing server client device passes through the routing server message box and the client message box.
12. The method as claimed in claim 11, characterized in that one of the routing server message box or the client message box is hosted in an e-mail server, a text message server, a web server, or a server that hosts secure messages for information exchange between the private cloud routing server and the private cloud routing server client device; wherein the routing server message box or the client message box is accessible and is under the secure and private control of the private cloud routing server or the private cloud routing server client device; and if the routing server message box or the client message box fails, either of the routing server message box or the client message box can be replaced or redeployed immediately without jeopardizing the communication between the private cloud routing server and the private cloud routing server client device in the cloud network.
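The signalling order of claim 11 and the replaceable message boxes of claim 12, sketched as an added example (not code from the patent or its applicant): an endpoint-side state machine accepts each step only in the claimed order and from the expected party, so point-to-point traffic is refused until both hole-punching steps are recorded. The step names, the party names and the choice to model each message box as the recipient's inbox are assumptions of this example.

```python
from collections import deque

# Steps in the order claim 11 lists them: (step, sending party, inbox used or None).
# All names are this example's own labels; None marks steps that are not mailbox messages.
STEPS = [
    ("register",        "device",      "server"),  # device app registers with server part
    ("connect_request", "device",      "server"),  # device asks to reach the client part
    ("notify_intent",   "server_part", None),      # server part notifies client part
    ("client_reply",    "client_part", None),      # client part replies with registration
    ("server_response", "server_part", "client"),  # server part responds to device app
    ("punch_utility",   "client_part", None),      # hole through client part's firewall
    ("punch_device",    "device",      None),      # hole through device's firewall
    ("p2p_start",       "device",      None),      # point-to-point traffic may begin
]


class MessageBox:
    """Store-and-forward mailbox: holds messages in transit, never session state."""
    def __init__(self):
        self.queue = deque()

    def post(self, step, sender):
        self.queue.append((step, sender))

    def fetch(self):
        return self.queue.popleft() if self.queue else None


class Session:
    """Accepts a step only if it is the next one expected and comes from the right party."""
    def __init__(self):
        self.done = []

    def accept(self, step, sender):
        if len(self.done) == len(STEPS):
            raise ValueError("handshake already complete")
        exp_step, exp_sender, _ = STEPS[len(self.done)]
        if (step, sender) != (exp_step, exp_sender):
            raise ValueError(f"rejected {step!r} from {sender!r}; expected {exp_step!r}")
        self.done.append(step)

    @property
    def p2p_allowed(self):
        return len(self.done) == len(STEPS)


def run_handshake(session, boxes, redeploy_at=None):
    """Drive the remaining steps; optionally replace the inbox used at step `redeploy_at`."""
    for step, sender, inbox in STEPS[len(session.done):]:
        if inbox and step == redeploy_at:
            boxes[inbox] = MessageBox()   # claim 12: a failed box is replaced or redeployed
        if inbox:
            boxes[inbox].post(step, sender)
            step, sender = boxes[inbox].fetch()
        session.accept(step, sender)
    return session.p2p_allowed
```

Because progress is kept in `Session` at the endpoint and not in the mailbox, swapping in a fresh `MessageBox` partway through does not reset the handshake.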
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110782826.8A CN113542389A (en) | 2015-06-16 | 2015-09-21 | Private cloud routing server connection mechanism for private communication architecture |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/741,145 | 2015-06-16 | ||
US14/741,145 US10601810B2 (en) | 2011-09-09 | 2015-06-16 | Private cloud routing server connection mechanism for use in a private communication architecture |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110782826.8A Division CN113542389A (en) | 2015-06-16 | 2015-09-21 | Private cloud routing server connection mechanism for private communication architecture |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106257888A true CN106257888A (en) | 2016-12-28 |
Family
ID=57713766
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110782826.8A Pending CN113542389A (en) | 2015-06-16 | 2015-09-21 | Private cloud routing server connection mechanism for private communication architecture |
CN201510603713.1A Pending CN106257888A (en) | 2015-06-16 | 2015-09-21 | Private cloud routing server connection mechanism for private communication architecture |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110782826.8A Pending CN113542389A (en) | 2015-06-16 | 2015-09-21 | Private cloud routing server connection mechanism for private communication architecture |
Country Status (2)
Country | Link |
---|---|
CN (2) | CN113542389A (en) |
TW (1) | TWI574164B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108600316A (en) * | 2018-03-23 | 2018-09-28 | 深圳市网心科技有限公司 | Data managing method, system and the equipment of cloud storage service |
CN111782185A (en) * | 2020-06-30 | 2020-10-16 | 北京百度网讯科技有限公司 | Management method, device and medium for artificial intelligence development platform |
CN114928459A (en) * | 2021-02-12 | 2022-08-19 | 金士顿数位股份有限公司 | Connection method and computer readable medium for private communication architecture |
CN115208603A (en) * | 2021-04-13 | 2022-10-18 | 金士顿数位股份有限公司 | Connection method and computer readable medium for private communication architecture |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US12323272B2 (en) | 2011-09-09 | 2025-06-03 | Primes Lab Inc. | Private matter gateway connection mechanism for use in a private communication architecture |
US12143365B2 (en) | 2011-09-09 | 2024-11-12 | Primes Lab Inc. | Private matter gateway connection mechanism for use in a private communication architecture |
US12155634B2 (en) | 2011-09-09 | 2024-11-26 | Primes Lab Inc. | Metaverse application gateway connection mechanism for use in a private communication architecture |
TWI698754B (en) | 2018-05-29 | 2020-07-11 | 普安科技股份有限公司 | Method for managing the access authority to cloud storage and the system therefor |
TWI829487B (en) * | 2022-05-04 | 2024-01-11 | 美商元數實驗室有限公司 | Private matter gateway connection mechanism for use in a private communication architecture |
GB2618402A (en) * | 2022-05-04 | 2023-11-08 | Primes Lab Inc | Metaverse application gateway connection mechanism for use in a private communication architecture |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7636764B1 (en) * | 2008-09-29 | 2009-12-22 | Gene Fein | Cloud resource usage in data forwarding storage |
CN103001999A (en) * | 2011-09-09 | 2013-03-27 | 金士顿数位股份有限公司 | Private cloud server and client architecture without utilizing a routing server |
US20150163213A1 (en) * | 2011-09-09 | 2015-06-11 | Kingston Digital, Inc. | Private and secure communication architecture without utilizing a public cloud based routing server |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6178453B1 (en) * | 1997-02-18 | 2001-01-23 | Netspeak Corporation | Virtual circuit switching architecture |
US7373394B1 (en) * | 2003-06-30 | 2008-05-13 | Cisco Technology, Inc. | Method and apparatus for multicast cloud with integrated multicast and unicast channel routing in a content distribution network |
US9032493B2 (en) * | 2011-03-31 | 2015-05-12 | Intel Corporation | Connecting mobile devices, internet-connected vehicles, and cloud services |
TWI476627B (en) * | 2012-05-11 | 2015-03-11 | Chunghwa Telecom Co Ltd | The management system and method of network service level and function of cloud virtual desktop application |
US8977598B2 (en) * | 2012-12-21 | 2015-03-10 | Zetta Inc. | Systems and methods for on-line backup and disaster recovery with local copy |
US9152686B2 (en) * | 2012-12-21 | 2015-10-06 | Zetta Inc. | Asynchronous replication correctness validation |
TWI506574B (en) * | 2013-06-20 | 2015-11-01 | Chunghwa Telecom Co Ltd | A flexible system of deployment for cloud network service |
CN104021503A (en) * | 2014-05-08 | 2014-09-03 | 国家电网公司 | Relaying cloud establishing method based on virtualized Hadoop cluster |
CN104023085A (en) * | 2014-06-25 | 2014-09-03 | 武汉大学 | Security cloud storage system based on increment synchronization |
2015
- 2015-09-21 CN CN202110782826.8A patent/CN113542389A/en active Pending
- 2015-09-21 CN CN201510603713.1A patent/CN106257888A/en active Pending
- 2015-10-30 TW TW104135780A patent/TWI574164B/en active
Non-Patent Citations (1)
Title |
---|
MATT SMOLLINGER: "Iomega Home Media Network Hard Drive - Cloud Edition Reviewed", 《HTTPS://WWW.SMALLNETBUILDER.COM/OTHER/CLOUD/CLOUD-STORAGE/311-IOMEGA-HOME-MEDIA-NETWORK-HARD-DRIVE-CLOUD-EDITION-REVIEWED?LIMITSTART=0》 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108600316A (en) * | 2018-03-23 | 2018-09-28 | 深圳市网心科技有限公司 | Data managing method, system and the equipment of cloud storage service |
CN108600316B (en) * | 2018-03-23 | 2021-10-08 | 深圳市网心科技有限公司 | Data management method, system and device for cloud storage service |
CN111782185A (en) * | 2020-06-30 | 2020-10-16 | 北京百度网讯科技有限公司 | Management method, device and medium for artificial intelligence development platform |
CN111782185B (en) * | 2020-06-30 | 2024-01-09 | 北京百度网讯科技有限公司 | Management method, equipment and medium of artificial intelligent development platform |
CN114928459A (en) * | 2021-02-12 | 2022-08-19 | 金士顿数位股份有限公司 | Connection method and computer readable medium for private communication architecture |
CN114928459B (en) * | 2021-02-12 | 2024-12-06 | 金士顿数位股份有限公司 | Connection method and computer readable medium for private communication architecture |
CN115208603A (en) * | 2021-04-13 | 2022-10-18 | 金士顿数位股份有限公司 | Connection method and computer readable medium for private communication architecture |
CN115208603B (en) * | 2021-04-13 | 2024-12-06 | 金士顿数位股份有限公司 | Connection method and computer readable medium for private communication architecture |
Also Published As
Publication number | Publication date |
---|---|
TWI574164B (en) | 2017-03-11 |
TW201701169A (en) | 2017-01-01 |
CN113542389A (en) | 2021-10-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11356417B2 (en) | Private cloud routing server connection mechanism for use in a private communication architecture | |
CN106257888A (en) | Private cloud routing server connection mechanism for private communication architecture | |
CN103001999B (en) | For privately owned Cloud Server, intelligent apparatus client and the method for public cloud network | |
US11863529B2 (en) | Private cloud routing server connection mechanism for use in a private communication architecture | |
CN105991642B (en) | Utilize the method for publicly-owned cloud network, privately owned cloud routing server and intelligent apparatus client | |
AU2017204316B2 (en) | Providing devices as a service | |
CN101730987B (en) | Managing network components using USB keys | |
CN102271134B (en) | Method and system for configuring network configuration information, client and authentication server | |
US20110277019A1 (en) | System and method for secure access of a remote system | |
KR20190051326A (en) | Internet Of Things Device Control System and Method Based On Block Chain | |
US20230254292A1 (en) | Private and Secure Chat Connection Mechanism for Use in a Private Communication Architecture | |
KR20200019998A (en) | Data communication system and method | |
CN106161394B (en) | Utilize the method for privately owned routing server, global network and smart client | |
US11683292B2 (en) | Private cloud routing server connection mechanism for use in a private communication architecture | |
CN105323138B (en) | Private Cloud Routing Server and Smart Device Client Architecture | |
US9124946B1 (en) | Plug and play method and system of viewing live and recorded contents | |
Benomar et al. | Enabling secure RESTful web services in IoT using OpenStack | |
Shukla et al. | Leveraging blockchain and SDN for efficient and secure IoT network | |
CN114928459B (en) | Connection method and computer readable medium for private communication architecture | |
Lundgren et al. | Security and privacy of smart homes: issues and solutions | |
CN115208603B (en) | Connection method and computer readable medium for private communication architecture | |
TW202345559A (en) | Private and secure chat connection mechanism for use in a private communication architecture | |
GB2544675A (en) | Private cloud routing server connection mechanism for use in a private communication architecture | |
CN117014435A (en) | Private secure chat join mechanism for private communication architecture | |
CN117014251A (en) | Private substance gateway linking mechanism for private communication architecture |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20161228 |