[go: up one dir, main page]

CN114629683A - Access method, device, equipment and storage medium of management server - Google Patents

Access method, device, equipment and storage medium of management server Download PDF

Info

Publication number
CN114629683A
CN114629683A CN202210128933.3A CN202210128933A CN114629683A CN 114629683 A CN114629683 A CN 114629683A CN 202210128933 A CN202210128933 A CN 202210128933A CN 114629683 A CN114629683 A CN 114629683A
Authority
CN
China
Prior art keywords
management server
terminal device
preset
terminal equipment
indication information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210128933.3A
Other languages
Chinese (zh)
Other versions
CN114629683B (en
Inventor
孙中轩
母志武
谢翊乐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Asiainfo Technologies (chengdu) Inc
Original Assignee
Asiainfo Technologies (chengdu) Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Asiainfo Technologies (chengdu) Inc filed Critical Asiainfo Technologies (chengdu) Inc
Priority to CN202210128933.3A priority Critical patent/CN114629683B/en
Publication of CN114629683A publication Critical patent/CN114629683A/en
Application granted granted Critical
Publication of CN114629683B publication Critical patent/CN114629683B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The application provides an access method, an access device, equipment and a storage medium of a management server, relates to the technical field of communication, and can improve the efficiency of accessing a terminal device to a regional management server. The method comprises the following steps: the authentication server receives first request information from terminal equipment logged in by a target account, wherein the first request information comprises the target account and a corresponding password; under the condition that the terminal equipment passes the verification, the authentication server detects whether the terminal equipment has a configuration file corresponding to a preset protocol, the preset protocol is used for the terminal equipment to safely access a target management server, and the target management server is a management server of an area where the terminal equipment is located currently; if the terminal equipment is detected to have the configuration file corresponding to the preset protocol, the authentication server sends first indication information to the terminal equipment based on the preset protocol, and the first indication information is used for indicating the target management server.

Description

Access method, device, equipment and storage medium of management server
Technical Field
The present application relates to the field of communications technologies, and in particular, to an access method, an access device, and a storage medium for a management server.
Background
With the increase of the number of computer terminal devices managed by enterprises, most of the enterprises adopt a client/server architecture to realize the management of the computer terminal devices. However, the area where the computer terminal device is located is not fixed, and one server can manage only one area.
If a client registered on one regional management server wants to roam to a management region access network of another regional management server, the client needs to be registered again or a system administrator needs to authorize manually, or a roaming server is deployed, so that the cost is high and the efficiency is not high, and therefore, how to enable the terminal device to quickly access the corresponding regional management server in different regions becomes a problem to be solved.
Disclosure of Invention
The application provides an access method, an access device, equipment and a storage medium of a management server, so as to improve the efficiency of accessing a terminal device to the management server in an area.
In order to achieve the purpose, the technical scheme is as follows:
in a first aspect, the present application provides an access method for a management server, which is applied to an authentication server, and the method includes: receiving first request information from terminal equipment logged in by a target account, wherein the first request information comprises the target account and a corresponding password; under the condition that the target account number passes authentication, detecting whether the terminal equipment has a configuration file corresponding to a preset protocol, wherein the preset protocol is used for safely accessing the terminal equipment to a target management server, and the target management server is a management server of an area where the terminal equipment is located currently; and if the terminal equipment is detected to have the configuration file corresponding to the preset protocol, sending first indication information to the terminal equipment based on the preset protocol, wherein the first indication information is used for indicating the target management server.
Optionally, if it is detected that the terminal device does not have the configuration file corresponding to the preset protocol, second indication information is sent to the terminal device, where the second indication information is used to indicate the terminal device to install a preset security program, so that the terminal device registers the preset protocol, and the preset security program is used to monitor whether the terminal device has a malicious program.
Optionally, detecting whether the terminal device has a configuration file corresponding to a preset protocol includes: sending third indication information to the terminal equipment, wherein the third indication information is used for indicating the terminal equipment to detect whether a configuration file corresponding to a preset protocol exists or not; receiving first feedback information from the terminal equipment, wherein the first feedback information is used for indicating whether the terminal equipment has a configuration file corresponding to a preset protocol.
In a second aspect, the present application provides a method for managing a server, which is applied to a terminal device, and includes:
optionally, in response to the first login operation, sending first request information to the authentication server, where the first request information includes a target account and a corresponding password; receiving first indication information from an authentication server, wherein the first indication information is used for indicating a target management server, the first indication information is sent by the authentication server under the condition that a terminal device is determined to have a configuration file of a preset protocol, the preset protocol is used for safely accessing the target management server by the terminal device, and the target management server is a management server of an area where the terminal device is located currently; and sending first access request information to the target management server under the condition that the target management server meets the preset condition.
Optionally, second indication information from the authentication server is received, where the second indication information is used to indicate the terminal device to install a preset security program, and the second indication information includes first link information, and the first link information is associated with the preset security program; and acquiring and installing a preset security program corresponding to the operating system of the terminal equipment according to the first link information, and registering a preset protocol.
Optionally, when the target management server meets the preset condition, accessing the target management server includes: if the target management server is a first management server, sending first access request information to the target management server, wherein the first management server is a management server accessed by the terminal equipment in a first preset time period, and the first preset time period is a time period before the current time; and if the target management server is not the first management server and the time difference between the time of accessing the first management server by the terminal equipment and the current time is greater than the preset time length, sending first access request information to the target management server.
In a third aspect, the present application provides an access device for a management server, which is applied to an authentication server, and includes: the system comprises a receiving unit, a detecting unit and a sending unit, wherein the receiving unit is used for receiving first request information from terminal equipment logged by a target account, and the first request information is used for requesting to access a management server of an area where the terminal equipment is currently located; the terminal equipment comprises a detection unit, a target management server and a management unit, wherein the detection unit is used for detecting whether the terminal equipment has a configuration file corresponding to a preset protocol under the condition that the target account passes authentication, the preset protocol is used for safely accessing the terminal equipment into the target management server, and the target management server is a management server of an area where the terminal equipment is located currently; the sending unit is used for sending first indication information to the terminal equipment based on the preset protocol after the terminal equipment is detected to have the configuration file corresponding to the preset protocol, and the first indication information is used for indicating the target management server.
Optionally, the sending unit is further configured to send second indication information to the terminal device when it is detected that the terminal device does not have the configuration file corresponding to the preset protocol, where the second indication information is used to indicate that the terminal device installs a preset security program, so that the terminal device registers the preset protocol, and the preset security program is used to monitor whether the terminal device has a malicious program.
Optionally, the detection unit is specifically configured to: sending third indication information to the terminal equipment, wherein the third indication information is used for indicating the terminal equipment to detect whether a configuration file corresponding to a preset protocol exists or not; receiving first feedback information from the terminal equipment, wherein the first feedback information is used for indicating whether the terminal equipment has a configuration file corresponding to a preset protocol.
In a fourth aspect, the present application provides an access apparatus for a management server, which is applied to a terminal device, and the access apparatus includes: a transmitting unit and a receiving unit; the sending unit is used for responding to the first login operation and sending first request information to the authentication server, wherein the first request information comprises a target account and a corresponding password; the terminal equipment comprises a receiving unit, a processing unit and a processing unit, wherein the receiving unit is used for receiving first indication information from the authentication server, the first indication information is used for indicating a target management server, the first indication information is sent by the authentication server under the condition that the terminal equipment is determined to have a configuration file of a preset protocol, the preset protocol is used for safely accessing the target management server by the terminal equipment, and the target management server is a management server of an area where the terminal equipment is located currently; and the sending unit is also used for sending the first access request information to the target management server under the condition that the target management server meets the preset condition.
Optionally, the access device further includes a processing unit; the terminal equipment comprises a receiving unit, a processing unit and a processing unit, wherein the receiving unit is used for receiving second indication information from the authentication server, the second indication information is used for indicating the terminal equipment to install a preset security program, the second indication information comprises first link information, and the first link information is associated with the preset security program; and the processing unit is used for acquiring and installing a preset security program corresponding to the operating system of the terminal equipment according to the first link information and registering a preset protocol.
Optionally, the sending unit is further configured to send first access request information to the target management server when the target management server is a first management server, where the first management server is a management server accessed by the terminal device in a first preset time period; the first preset time period is a time period before the current time; and the sending unit is further used for sending the first access request information to the target management server under the condition that the target management server is not the first management server and the time difference between the time of accessing the terminal equipment to the first management server and the current time is greater than the preset time length.
In a fifth aspect, the present application provides an authentication server, comprising: a processor, a communication interface, and a memory; wherein the memory is configured to store one or more programs, the one or more programs including computer executable instructions, and when the authentication server runs, the processor executes the computer executable instructions stored in the memory, so as to enable the authentication server to perform the access method of the management server of any one of the first aspect and the various optional implementations thereof.
In a sixth aspect, the present application provides a terminal device, including: a processor, a communication interface, and a memory; wherein the memory is configured to store one or more programs, and the one or more programs include computer executable instructions, and when the terminal device runs, the processor executes the computer executable instructions stored in the memory, so as to enable the terminal device to perform the access method of the management server in any one of the first aspect and the various optional implementations thereof.
In a seventh aspect, the present application provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are executed by a computer, the computer executes the access method of the management server in any one of the first aspect and various optional implementations thereof.
In an eighth aspect, the present application provides a computer-readable storage medium, in which instructions are stored, and when the instructions are executed by a computer, the computer executes the management server access method of any one of the second aspect and various optional implementations thereof.
In a ninth aspect, the present application provides a communication system comprising an authentication server for performing the method as described in the first aspect and any one of the possible implementations of the first aspect, and a terminal device for communicating with the authentication server for performing the method as described in any one of the possible implementations of the first aspect and the eighth aspect.
Based on the technical scheme provided by the embodiment of the application, the authentication server verifies the terminal equipment after receiving first request information which is from the terminal equipment and used for requesting to access the management server of the area where the terminal equipment is located currently. And under the condition that the terminal equipment passes the verification, the authentication server detects whether the terminal equipment has a configuration file corresponding to a preset protocol. If the terminal equipment is detected to have the configuration file corresponding to the preset protocol, the authentication server sends first indication information to the terminal equipment based on the preset protocol, the first indication information is used for indicating a target management server, and the target management server is a management server of an area where the terminal equipment is located currently. Due to the preset protocol, normal data communication between the authentication server and the terminal equipment can be ensured. In this way, the authentication server may issue the information of the management server of the current area of the terminal device to the terminal device through the preset protocol. After receiving the information of the management server at the current position, the terminal equipment can automatically migrate and access, and does not need any operation by a user in the whole process, so that the non-perception cross-server roaming is realized, and the efficiency of accessing the management server is improved.
Drawings
Fig. 1 is a schematic structural diagram of a communication system 10 according to an embodiment of the present disclosure;
fig. 2 is a schematic structural diagram of an access device according to an embodiment of the present application;
fig. 3 is a schematic flowchart of an access method according to an embodiment of the present application;
fig. 4 is a flowchart illustrating an access method according to an embodiment of the present application;
fig. 5 is a flowchart illustrating an access method according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an access apparatus according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an access device according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of another communication system according to an embodiment of the present application.
Detailed Description
An access method, an access device, an access apparatus, and a storage medium of a management server according to embodiments of the present application are described in detail below with reference to the accompanying drawings.
The term "and/or" herein is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone.
The terms "first" and "second" and the like in the description and drawings of the present application are used for distinguishing different objects or for distinguishing different processes for the same object, and are not used for describing a specific order of the objects.
Furthermore, the terms "including" and "having," and any variations thereof, as referred to in the description of the present application, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements but may alternatively include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be noted that in the embodiments of the present application, words such as "exemplary" or "for example" are used to indicate examples, illustrations or explanations. Any embodiment or design described herein as "exemplary" or "e.g.," is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.
In the description of the present application, the meaning of "a plurality" means two or more unless otherwise specified.
Before describing the embodiments of the present application, terms in the embodiments of the present application will be explained.
And (4) safety software: also called terminal equipment security software, can be used for detecting and removing viruses, worms and trojan horse programs of the terminal equipment. The terminal device security software generally has the functions of instant program monitoring and identification, malicious program scanning, cleaning, automatic virus database updating and the like. The terminal equipment safety software also has the functions of damage recovery and the like.
The terminal equipment security software is an important component of a terminal equipment defense system (comprising the terminal equipment security software, a firewall, a protection and deletion program of a Trojan horse program and other malicious software, an intrusion defense system and the like). The terminal equipment safety software can monitor the operation of the terminal equipment in real time and scan whether the operating system of the terminal equipment contains malicious programs such as viruses. The terminal device security software can be booted (e.g., booted) with the resident program after being booted by the operating system.
The terminal device security software may have different techniques for immediate monitoring. For example, the terminal device security software may compare data characteristics of a program being run by the terminal device with a virus database using a part of the memory of the terminal device to determine whether the program being run by the terminal device is a malicious program. For another example, the terminal device security software may also use a part of the memory of the terminal device to simulate the actions allowed by the operating system or the terminal device, so that the tested program can run the requirement of the internal code. The installation terminal equipment safety software can judge whether the tested program is a malicious program according to the action of the tested program.
With the increasing number of terminal devices to be managed by enterprises, most terminal device security software of the terminal devices adopts a client/server architecture to realize multi-terminal device management. Under such an architecture, one management server can manage only terminal devices of one area. However, the area where some terminal devices are located is not fixed, and there is a scene where the terminal devices move between different areas. When a terminal device moves from one area to another area, the management server accessed by the terminal device changes, but how to enable the terminal device to quickly access the corresponding area management server in different areas becomes a problem to be solved.
In view of the above problems, the following two solutions can be adopted:
and firstly, manually migrating the terminal equipment of the management server needing to access the area by an administrator. However, this method is inefficient and cannot meet the requirement of fast handover.
And secondly, deploying a roaming server, and when the terminal equipment roams to another area, if the information such as the network segment of the terminal equipment is found to be changed, the terminal equipment can ask the roaming server for all the information of the management server, and inquires the information of the management server in the area according to the information and accesses the management server in the area.
However, this approach requires additional deployment of the nomadic server, which is costly.
In view of this, an embodiment of the present application provides an access method for a management server, including:
the terminal equipment responds to the first login operation and sends first request information to the authentication server, and the first request information is used for requesting access to a management server of an area where the terminal equipment is located currently. The authentication server may verify the terminal device after receiving the first request information from the terminal device. Under the condition that the terminal device passes the verification, the authentication server can detect whether the terminal device has a configuration file corresponding to a preset protocol. If the authentication server detects that the terminal equipment has the configuration file corresponding to the preset protocol, first indication information is sent to the terminal equipment based on the preset protocol, the first indication information is used for indicating a target management server, and the target management server is a management server of an area where the terminal equipment is located currently. Furthermore, the terminal device may determine the management server to be accessed after receiving the first instruction information from the authentication server.
An access method (hereinafter, referred to as an access method) of a management server provided in the embodiments of the present application is described below with reference to the drawings of the specification.
The access method provided by the embodiment of the present application may be applied to the communication system shown in fig. 1, and as shown in fig. 1, the communication system 10 may include a terminal device 11, an authentication server 12, a management server 13, and a management server 14. The terminal device 11 is connected to the authentication server 12, the management server 13, and the management server 14 in communication, respectively. The management server 13 and the management server 14 may be communicatively connected to the authentication server 12. For example, a wireless communication connection may be possible.
The architecture between the terminal device 11 and the management server 13 and the architecture between the terminal device 11 and the management server 14 may be referred to as a client/management server architecture (C/S architecture for short), or a master-slave architecture. The client can be distinguished from the management server by the framework.
The C/S architecture is a network architecture in which a client is a Personal Computer (PC) side or a workstation where a user runs an application, and the client relies on a management server to obtain resources. The C/S architecture reduces network traffic by providing query responses rather than total file transfers. The method allows the multi-terminal equipment to be updated to a shared database through a Graphical User Interface (GUI). The client and the management server typically communicate by way of remote calls or standard query language statements.
The terminal device 11 may be configured to download and install security software, so as to register a preset protocol. The terminal device 11 can securely access the management server based on the preset protocol. For example, the terminal device 11 may be a computer, a personal computer, a notebook, or the like. The terminal device 11 comprises pre-set security software (which may also be referred to as a client),
the authentication server 12 is configured to detect whether the terminal device 11 has a preset protocol, and send an Internet Protocol (IP) address and port information of a management server in an area where the terminal device 11 is located to the terminal device 11 when the terminal device 11 has the preset protocol.
The management server 13 and the management server 14 are respectively used for managing terminal devices in respective preset areas, and providing data resources for the terminal devices in the preset areas. For example, the management server 13 may be configured to manage terminal devices within a first preset area. The management server 14 may be configured to manage terminal devices within a second preset area. The first preset area and the second preset area are different areas.
It should be noted that when the terminal device moves from the first preset area to the second preset area, the terminal device needs to acquire the data resource through the management server 14, but the terminal device is not registered in the area where the management server 14 is located. That is, the terminal device needs to acquire the data resource from the management server 14 by roaming across servers. At this time, the management server 14 may be referred to as a cross-domain server. Wherein the movement indicates a change in a geographical location of the terminal device, and the roaming indicates that the terminal device is connected to a management server not belonging to a location where the terminal device is registered.
It should be noted that fig. 1 is only an exemplary architecture diagram, and the access system may include other functional units besides the functional units shown in fig. 1, which is not limited in this embodiment of the present application.
In a specific implementation, each device in fig. 1 may adopt the composition structure shown in fig. 2, or include the components shown in fig. 2. Fig. 2 is a schematic composition diagram of an access device 20 according to an embodiment of the present disclosure, where the access device 20 includes a processor 201, a communication interface 202, a communication line 203, and a memory 204.
The processor 201 may be a CPU, a Network Processor (NP), a Digital Signal Processor (DSP), a microprocessor, a microcontroller, a Programmable Logic Device (PLD), or any combination thereof. The processor 201 may also be other devices with processing functions, such as, without limitation, a circuit, a device, or a software module. In one example, processor 201 may include one or more CPUs, such as CPU0 and CPU1 in fig. 2.
A communication interface 202 for data processing with other devices or other data processing networks. The other data processing network may be an ethernet, a Radio Access Network (RAN) device, a Wireless Local Area Network (WLAN), or the like. The communication interface may be a module, a circuit, a data processing interface, or any device capable of data processing.
A communication line 203 for transmitting messages between the various components comprised in the access system.
A memory 204 for storing instructions. Wherein the instructions may be a computer program.
The memory 204 may be a read-only memory (ROM) or other types of static storage devices that can store static messages and/or instructions, a Random Access Memory (RAM) or other types of dynamic storage devices that can store messages and/or instructions, an electrically erasable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disc storage, optical disc storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), a magnetic disc storage medium or other magnetic storage devices, and the like, without limitation.
It is noted that the memory 204 may exist separately from the processor 201 or may be integrated with the processor 201. The memory 204 may be used for storing instructions or program code or some network data or the like. The memory 302 may be located within the access device 20 or may be located outside the access device 20, without limitation. The processor 201 is configured to execute the instructions stored in the memory 204 to implement the access method provided by the following embodiments of the present application.
As an alternative implementation, the access device 20 includes multiple processors, for example, the processor 207 may be included in addition to the processor 201 in fig. 2.
As an alternative implementation, the access apparatus 20 further includes an output device 205 and an input device 206. Illustratively, the input device 206 is a keyboard, mouse, microphone, or joystick, among other devices, and the output device 205 is a display screen, speaker (spaker), among other devices.
In the embodiment of the present application, the chip system may be composed of a chip, and may also include a chip and other discrete devices.
In addition, actions, terms, and the like related between the embodiments of the present application may be mutually referenced, without limitation. In the embodiment of the present application, the name of the message or the name of the parameter in the message that is interacted between the devices is only an example, and other names may also be used in specific implementation, which is not limited.
The access method provided by the embodiment of the present application may be applied to the access device shown in fig. 1 or fig. 2.
The execution subject of the access method provided by the present application is the authentication server, and may also be a chip in the authentication server or a system on a chip, etc., without limitation.
As shown in fig. 3, an access method provided in the embodiment of the present disclosure may include: S301-S304.
S301, responding to the first login operation, the terminal device sends first request information to the authentication server, and correspondingly, the authentication server receives the first request information from the terminal device.
The terminal device may be the terminal device 11 in fig. 1, a device, such as a chip, in the terminal device 11, or a client in the terminal device 11. The authentication server may be the authentication server 12 in fig. 1, or may be a device, such as a chip, in the authentication server 12.
The first login operation may refer to an operation of a user inputting an account and a corresponding password through an authentication interface.
In one example, after the terminal device accesses the network in the preset area, the data resource can be acquired through the public network only when the terminal device has the right to use the network. Wherein the network may be an intranet (e.g., an office area network). For example, the user may input an account and a corresponding password through a login interface corresponding to the public network. The authentication interface may be associated with an authentication server.
It should be noted that, if the terminal device does not have the right to use the network, when responding to the operation of opening the browser of the terminal device, the browser may automatically redirect to the login interface. For example, the auto-redirect process may be: in response to the operation that a user inputs and accesses the URL by using a preset browser, the terminal device sends request information to the gateway, wherein the request information can comprise IP address information of the terminal device and the URL; after receiving the request information from the terminal equipment, the gateway equipment detects whether the IP address of the terminal equipment has the authority of using the network; if not, the gateway may feed back, to the terminal device, first login page information through a Domain Name System (DNS), where the first login page information may be used to associate a login page, and may include a link of the login page, for example; and after receiving the first login page, the terminal equipment can display a login interface through a browser.
The first request message is used for requesting to acquire required data through a network of the area where the first request message is located. For example, the first request message may include a target account number and a corresponding password.
As a possible implementation manner, the terminal device may input an account and a corresponding password on a login interface of a preconfigured browser. In response to an operation of clicking an "ok" key of the login interface by the user, the terminal device may transmit first indication information to the authentication server.
S302, under the condition that the target account number passes verification, the authentication server detects whether the terminal equipment has a configuration file corresponding to a preset protocol.
The target account verification passing may mean that the authentication server determines that the account and the corresponding password in the first request message are correct. For example, the authentication server may be preconfigured with a plurality of accounts and a password corresponding to each account. If the account number and the corresponding password in the first request message are consistent with the account number and the corresponding password stored by the authentication server, determining that the target account number passes the verification; otherwise, determining that the target account number fails to be verified.
It should be noted that, when the target account number is not verified, the terminal device may access the network, but cannot use the network to obtain data from other devices/servers.
The preset protocol can be used for the terminal equipment to safely access the target management server.
In one example, the predetermined protocol may be a terminal device security space protocol. The format of the osce protocol may be as follows:
osce://{action}/{key1=value1}&{key2=value2}。
wherein, action represents the action to be done, and key and value represent different parameter information respectively. For example, when the terminal device registers with the authentication server, the preset protocol may be as follows:
osce://register/serverIP=10.21.142.12 1&serverPort=8080。
the register of the preset protocol indicates registration, a server IP (10.21.142.121) is IP address information of the authentication server, and a service Port (8080) is Port information of the authentication server.
In a possible implementation manner, the authentication server may send, to the terminal device, third indication information for indicating that the terminal device detects whether the configuration file corresponding to the preset protocol exists. The terminal device may send the first feedback information to the authentication server after receiving the third indication information sent by the authentication server. Correspondingly, the authentication server receives first feedback information from the terminal device, wherein the first feedback information is used for indicating whether the terminal device has a configuration file corresponding to the preset protocol.
For example, if the first feedback message includes the first indicator, the authentication server may determine that the terminal device has a profile corresponding to a predetermined protocol. If the first feedback message does not include the first indicator, the authentication server may determine that the terminal device does not have the profile corresponding to the predetermined protocol.
The first indicator may be used to indicate that the terminal device has a configuration file corresponding to a pre-set protocol or that the terminal device has registered the pre-set protocol. The first indicator may be a number, a letter, or a combination of a number and a letter.
The terminal device can detect whether the terminal device has a configuration file corresponding to a preset protocol by detecting whether the terminal device pre-configures one or more of whether the browser has a preset tag, a preset URL and whether a preset event is generated. The preset browser corresponding to the terminal device may be a Firefox (Firefox) browser, a google browser, an IE browser, and other types of browsers, which are not limited herein.
For example, if the browser configured in advance by the terminal device is a fire fox browser, when the terminal device registers a preset protocol, the fire fox browser may be instructed to temporarily generate an iFrame tag and set a Uniform Resource Locator (URL) of the iFrame as a preset URL. Subsequently, in a case where the terminal device needs to detect whether to register the preset protocol (for example, when receiving an instruction for feeding back whether to register the preset protocol from the authentication server), if the terminal device detects the preset URL, the terminal device may send first feedback information with the first indicator to the authentication server. If the terminal device does not detect that the preset URL exists, the terminal device can send first feedback information without the first indicator to the authentication server.
For another example, if the browser pre-configured by the terminal device is a google browser, when the terminal device registers a preset protocol, the terminal device may instruct the google browser to modify the URL of the login page/window into a protocol format of the preset protocol. Subsequently, under the condition that the terminal device needs to detect whether to register the preset protocol, if the terminal device can monitor that the google browser generates a blu event, first feedback information with a first indicator can be sent to the authentication server. If the terminal device does not monitor that the google browser generates the blu event, first feedback information without the first indicator can be sent to the authentication server.
For another example, if the browser configured in advance by the terminal device is an IE browser, and the terminal device registers a preset protocol, the terminal device may instruct the IE browser to temporarily generate an iFrame tag, and set the URL of the iFrame tag as a preset URL. Subsequently, under the condition that the terminal device needs to detect whether the preset protocol is registered, if the terminal device can monitor that the IE browser generates the blu event message, the terminal device may send first feedback information with the first indicator to the authentication server. If the terminal device cannot monitor that the IE browser generates the blu event, first feedback information without the first indicator can be sent to the authentication server.
And S303, if the terminal equipment is detected to have the configuration file corresponding to the preset protocol, the authentication server sends first indication information to the terminal equipment based on the preset protocol. Accordingly, the terminal device receives the first indication message from the authentication server.
The first indication information is used for indicating the target management server. For example, the first indication information may include: IP address of the target management server, port of the target management server, and the like. The target management server is a management server of an area where the terminal equipment is located at present. For example, it may be the management server 14 in fig. 1.
The sending, by the authentication server, the first indication information to the terminal device based on the preset protocol may be a format in which the authentication server encapsulates the first indication information into the preset protocol, and sends the encapsulated first indication information to the terminal device.
For example, in conjunction with the aforementioned osce protocol, the encapsulated first indication information may be as follows:
osce://access/serverIP=10.21.142.13&serverPort=121。
wherein, access indicates access, server IP 10.21.142.13 is the IP address information of the target management server, and server port 121 is the port information of the target management server.
Further, in order to ensure the security of the indication information, the authentication server may encrypt the first indication information using a preset encryption key, sign the encrypted first indication information to obtain first message data, and send the first message data to the sending terminal device. The preset encryption key can be configured in advance by the authentication server.
After receiving the first message data from the authentication server, the terminal device may first verify the signature of the first message data, and decrypt the first data packet using a preset decryption key under the condition that the signature of the first message data is correct, so as to obtain the first indication information. The preset decryption key corresponds to the preset encryption key.
It should be noted that the preset encryption key and the preset decryption key may be symmetric keys or asymmetric ciphers, and are not limited.
S304, under the condition that the target management server meets the preset condition, the terminal equipment sends first access request information to the target management server. Correspondingly, the target management server receives the first access request information sent by the terminal equipment.
Wherein, the preset condition can be used for determining whether to access the target management server. For example, the preset conditions may include: the information of the target management server is the same as that of the first management server, or when the information of the target management server is different from that of the first management device, the time difference between the time when the terminal device accesses the first management server and the current time is larger than the preset time. The information of the management server may include one or more of IP information, identification, port information of the management server. The first management server may be a management server accessed by the terminal device in a first preset period. The first preset period is a period before the current time.
The first access request information is used for requesting access to the target management server. For example, the first access request information may include: one or more of a Globally Unique Identifier (GUID) of a preset security program, a media access control (Mac) address, an IP address, a preset security program version number, an engine model version number, and information of a target management server are preset in the terminal device.
Based on the technical scheme provided by the embodiment of the application, the authentication server verifies the terminal equipment after receiving first request information which is from the terminal equipment and used for requesting to access the management server of the area where the terminal equipment is located currently. And under the condition that the terminal equipment passes the verification, the authentication server detects whether the terminal equipment has a configuration file corresponding to a preset protocol. If the terminal equipment is detected to have the configuration file corresponding to the preset protocol, the authentication server sends first indication information to the terminal equipment based on the preset protocol, the first indication information is used for indicating a target management server, and the target management server is a management server of an area where the terminal equipment is located currently. Because the preset protocol is used for the terminal equipment to safely access the target management server, the authentication server can issue the information of the management server in the current area of the terminal equipment to the terminal equipment through the preset protocol. After receiving the information of the management server at the current position, the terminal equipment can automatically migrate and access, and does not need any operation by a user in the whole process, so that the non-perception cross-server roaming is realized, and the efficiency of accessing the management server is improved.
In a possible embodiment, as shown in fig. 4, the method provided in this embodiment may further include the following S401:
s401, if the terminal device is detected not to have the configuration file corresponding to the preset protocol, the authentication server sends second indication information to the terminal device. Correspondingly, the terminal equipment receives the second indication information sent by the authentication server
The second indication information is used for indicating the terminal device to install a preset security program, so that the terminal device registers a preset protocol. For example, the second indication information includes first link information, and the first link information is associated with a preset security program. The preset security program is used for monitoring whether the terminal equipment has a malicious program. Specifically, the function of the preset security program can refer to the description in the above noun explanation, and is not repeated.
Further, the terminal device may obtain an installation package of the preset security program through the first link information, and after the terminal device starts the installation package, if the terminal device detects that the registry or the protocol header of the preset security program exists, it may be determined that the preset security program has been installed. Under the condition that the terminal device is determined to have installed the preset security program, the terminal device may compare version information (such as version update time and version number) of the installation package with version information of the installed preset security program, and if the version information of the installation package is inconsistent with the version information of the installed preset security program, the terminal device may update/upgrade the installed preset security program through the installation package.
It should be noted that, in the embodiment of the present application, when the terminal device registers the preset protocol, different pre-protocol registration methods may be used according to a pre-configured operating system. The terminal devices of different operating systems have different preset protocol registration methods. For example, the operating system may include a Windows operating system, a Mac operating system. The following describes the pre-protocol registration method for these two operating systems.
1. When the operating system of the terminal device is a Windows operating system, the terminal device may write the configuration file corresponding to the preset protocol into the HKEY _ CURRENT _ USER \ Software \ Classes entry.
2. When the operating system of the terminal device is the Mac operating system, the terminal device may put a configuration file corresponding to a preset protocol into a URL Schemes box in the development tool Xcode.
Therefore, when the terminal device is detected not to have the configuration file corresponding to the preset protocol, the authentication server sends the second indication information to the terminal device, and how the terminal device is connected with the management server can be better guided.
In a possible embodiment, as shown in fig. 5, in the access method of the management server provided in this embodiment of the present application, in the above S304, when the target management server meets the preset condition, a method for the terminal device to send the first access request information to the target management server may specifically include the following S3041 to S3045:
s3041, the terminal device determines whether the target management server is the first management server.
The first management server is a management server accessed by the terminal equipment in a first preset time period, and the first preset time period is a previous time period before the current time.
S3042, if the target management server is the first management server, the terminal device sends the first access request information to the target management server.
S3043, if the target management server is not the first management server, the terminal device determines whether a time difference between the time of accessing the first management server and the current time is greater than a preset time duration.
The preset time period may be preset, and for example, may be 10 minutes.
As a possible implementation manner, the terminal device may compare the timestamp recorded when the first management server is accessed with the current time to determine whether a time difference between the time when the first management server is accessed and the current time is greater than a preset time duration.
S3044, if the time difference between the time when the terminal device accesses the first management server and the current time is greater than the preset time, the terminal device sends the first access request message to the target management server.
Further, after the target management server receives the first access request information from the terminal device, it may be determined whether to allow the access of the terminal device.
For example, if the target management server determines that the terminal device is a newly accessed terminal device and the terminal device is a valid device, the target management server may perform a synchronization information operation, where the synchronization information operation may be: and configuring scanning frequency, scanning strategy and the like of preset security software in the terminal equipment.
S3045, if the time difference between the time when the terminal device accesses the first management server and the current time is less than the preset time, the terminal device abandons accessing the target management server.
Therefore, the client can meet the cross-server access requirement, and the phenomenon that some clients register frequently and waste server resources is avoided.
In the embodiment of the present application, the server may be divided into the functional modules or the functional units according to the above method example, for example, each functional module or functional unit may be divided corresponding to each function, or two or more functions may be integrated into two modules. The integrated module may be implemented in a form of hardware, or may be implemented in a form of a software functional module or a functional unit. The division of the modules or units in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
Fig. 6 shows a schematic diagram of a possible structure of the access device involved in the above embodiment. As shown in fig. 6, the access device 50 includes: receiving section 501, detecting section 502, and transmitting section 503.
The receiving unit 501 is configured to receive first request information from a terminal device logged in by a target account, where the first request information includes the target account and a corresponding password. For example, as shown in fig. 3, the receiving unit 501 may be configured to perform S301.
The detecting unit 502 is configured to detect whether the terminal device has a configuration file corresponding to a preset protocol, if the terminal device passes the verification. For example, as shown in fig. 3, the detection unit 502 may be configured to perform S302.
A sending unit 503, configured to send, based on a preset protocol, first indication information to a terminal device after detecting that the terminal device has a configuration file corresponding to the preset protocol, where the preset protocol is used for the terminal device to safely access a target management server, the first indication information is used for indicating the target management server, and the target management server is a management server in an area where the terminal device is currently located. For example, as shown in fig. 3, the sending unit 503 may be configured to execute S303.
In one possible design, the detection unit 502 is specifically configured to: sending third indication information to the terminal equipment, wherein the third indication information is used for indicating the terminal equipment to detect whether a configuration file corresponding to a preset protocol exists or not; receiving first feedback information from the terminal equipment, wherein the first feedback information is used for indicating whether the terminal equipment has a configuration file corresponding to a preset protocol. For example, as shown in fig. 3, the detection unit 502 may be configured to perform S304.
In a possible design, the sending unit 503 is further configured to send second indication information to the terminal device when it is detected that the terminal device does not have the configuration file corresponding to the preset protocol, where the second indication information is used to indicate the terminal device to install a preset security program, so that the terminal device registers the preset protocol, and the preset security program is used to monitor whether the terminal device has a malicious program. For example, as shown in fig. 4, the sending unit 503 may be configured to execute S401.
Fig. 7 shows a schematic diagram of a possible structure of the access device involved in the above embodiment. As shown in fig. 7, the access device 60 includes: transmitting section 601 and receiving section 602.
A sending unit 601, configured to send first request information to an authentication server in response to a first login operation, where the first request information includes a target account and a corresponding password.
A receiving unit 602, configured to receive first indication information from an authentication server, where the first indication information is used to indicate a target management server, the first indication information is sent by the authentication server when it is determined that a terminal device has a configuration file of a preset protocol, the preset protocol is used for the terminal device to safely access the target management server, and the target management server is a management server in an area where the terminal device is currently located.
The sending unit 601 is further configured to send the first access request information to the target management server when the target management server meets a preset condition.
In one possible design, as shown in fig. 7, the access device 60 further includes a processing unit 603; a receiving unit 602, configured to receive second indication information from the authentication server, where the second indication information is used to indicate that the terminal device installs a preset security program, and the second indication information includes first link information, and the first link information is associated with the preset security program; the processing unit 603 is configured to obtain and install a preset security program corresponding to the operating system of the terminal device according to the first link information, and register a preset protocol.
In a possible design, the sending unit 601 is further configured to send first access request information to a target management server in a case that the target management server is a first management server, where the first management server is a management server accessed by a terminal device in a first preset time period; the first preset time period is before the previous time period of the current time; the sending unit 601 is further configured to send first access request information to the target management server when the target management server is not the first management server and a time difference between a time when the terminal device accesses the first management server and a current time is greater than a preset time duration.
In a possible embodiment, as shown in fig. 8, the present application further provides a communication system 80, where the communication system 80 may authenticate a server 701 and a terminal device 702. The authentication server 701 may be configured to execute S301 and S304 in fig. 3 described above, and the terminal device 702 may be configured to execute S302 and S303 in fig. 3 described above, and S401 in fig. 4.
Through the above description of the embodiments, it is clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be completed by different functional modules according to needs, that is, the internal structure of the device may be divided into different functional modules to complete all or part of the above described functions. For the specific working processes of the system, the apparatus and the unit described above, reference may be made to the corresponding processes in the foregoing method embodiments, and details are not described here again.
The present application provides a computer program product containing instructions, which when run on a computer, causes the computer to execute the access method of the management server of the above method embodiments.
The embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the access device of the management server executes the instructions, the access device of the management server executes the steps executed by the access device of the management server in the method flow shown in the foregoing method embodiment.
The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read-Only Memory (ROM), an Erasable Programmable Read-Only Memory (EPROM), a register, a hard disk, an optical fiber, a portable Compact Disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, any suitable combination of the above, or any other form of computer readable storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an Application Specific Integrated Circuit (ASIC). In embodiments of the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The above description is only an embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (15)

1. An access method of a management server, which is applied to an authentication server, the method comprises:
receiving first request information from terminal equipment logged by a target account, wherein the first request information comprises the target account and a corresponding password;
under the condition that the target account number passes authentication, detecting whether the terminal equipment has a configuration file corresponding to a preset protocol, wherein the preset protocol is used for safely accessing the terminal equipment to a target management server, and the target management server is a management server of an area where the terminal equipment is located currently;
and if the terminal equipment is detected to have the configuration file corresponding to the preset protocol, sending first indication information to the terminal equipment based on the preset protocol, wherein the first indication information is used for indicating the target management server.
2. The method of claim 1, further comprising:
if the terminal device does not have the configuration file corresponding to the preset protocol, sending second indication information to the terminal device, wherein the second indication information is used for indicating the terminal device to install a preset safety program, so that the terminal device registers the preset protocol, and the preset safety program is used for monitoring whether the terminal device has a malicious program.
3. The method according to claim 1 or 2, wherein the detecting whether the terminal device has a configuration file corresponding to a preset protocol comprises:
sending third indication information to the terminal equipment, wherein the third indication information is used for indicating whether the terminal equipment detects a configuration file corresponding to a preset protocol;
receiving first feedback information from the terminal device, where the first feedback information is used to indicate whether the terminal device has a configuration file corresponding to the preset protocol.
4. An access method of a management server is applied to a terminal device, and the method comprises the following steps:
responding to a first login operation, and sending first request information to an authentication server, wherein the first request information comprises the target account and a corresponding password;
receiving first indication information from the authentication server, wherein the first indication information is used for indicating a target management server, the first indication information is sent by the authentication server under the condition that the terminal equipment is determined to have a configuration file of a preset protocol, the preset protocol is used for safely accessing the target management server by the terminal equipment, and the target management server is a management server of an area where the terminal equipment is located currently;
and sending first access request information to the target management server under the condition that the target management server meets a preset condition.
5. The method of claim 4, further comprising:
receiving second indication information from the authentication server, wherein the second indication information is used for indicating the terminal equipment to install a preset security program, the second indication information comprises first link information, and the first link information is associated with the preset security program;
and acquiring and installing a preset security program corresponding to the operating system of the terminal equipment according to the first link information, and registering the preset protocol.
6. The method according to claim 5, wherein the accessing the target management server in case that the target management server satisfies a preset condition comprises:
if the target management server is a first management server, sending the first access request information to the target management server, wherein the first management server is a management server accessed by the terminal equipment in a first preset time period, and the first preset time period is a time period before the current time;
and if the target management server is not the first management server and the time difference between the time of accessing the first management server by the terminal equipment and the current time is greater than the preset time length, sending first access request information to the target management server.
7. An access device for a management server, the access device being applied to an authentication server, the access device comprising: a receiving unit, a detecting unit and a transmitting unit;
the receiving unit is used for receiving first request information from terminal equipment logged by a target account, wherein the first request information is used for requesting to access a management server of an area where the terminal equipment is currently located;
the detection unit is configured to detect whether the terminal device has a configuration file corresponding to a preset protocol when the target account number passes authentication, where the preset protocol is used for the terminal device to safely access a target management server, and the target management server is a management server in an area where the terminal device is currently located;
the sending unit is configured to send, based on the preset protocol, first indication information to the terminal device after detecting that the terminal device has the configuration file corresponding to the preset protocol, where the first indication information is used to indicate a target management server.
8. The access device of claim 7,
the sending unit is further configured to send second indication information to the terminal device when it is detected that the terminal device does not have the configuration file corresponding to the preset protocol, where the second indication information is used to indicate that the terminal device installs a preset security program, so that the terminal device registers the preset protocol, and the preset security program is used to monitor whether the terminal device has a malicious program.
9. The access device according to claim 7 or 8, wherein the detecting unit is specifically configured to:
sending third indication information to the terminal equipment, wherein the third indication information is used for indicating whether the terminal equipment detects a configuration file corresponding to a preset protocol;
receiving first feedback information from the terminal device, where the first feedback information is used to indicate whether the terminal device has a configuration file corresponding to the preset protocol.
10. An access device of a management server, applied to a terminal device, the access device comprising: a transmitting unit and a receiving unit;
the sending unit is used for responding to a first login operation and sending first request information to an authentication server, wherein the first request information comprises the target account and a corresponding password;
the receiving unit is configured to receive first indication information from the authentication server, where the first indication information is used to indicate a target management server, the first indication information is sent by the authentication server when it is determined that the terminal device has a configuration file of a preset protocol, the preset protocol is used for the terminal device to safely access the target management server, and the target management server is a management server in an area where the terminal device is currently located;
the sending unit is further configured to send first access request information to the target management server when the target management server meets a preset condition.
11. The access device according to claim 10, further comprising a processing unit;
the receiving unit is configured to receive second indication information from the authentication server, where the second indication information is used to indicate that a preset security program is installed in the terminal device, and the second indication information includes first link information, where the first link information is associated with the preset security program;
and the processing unit is used for acquiring and installing a preset security program corresponding to the operating system of the terminal equipment according to the first link information and registering the preset protocol.
12. The access device of claim 11,
the sending unit is further configured to send the first access request information to the target management server when the target management server is a first management server, where the first management server is a management server accessed by the terminal device in a first preset time period; the first preset time period is a time period before the current time;
the sending unit is further configured to send first access request information to the target management server when the target management server is not the first management server and a time difference between the time when the terminal device accesses the first management server and the current time is greater than a preset time length.
13. An authentication server, characterized in that the authentication server comprises: a processor, a communication interface, and a memory; wherein the memory is configured to store one or more programs, the one or more programs including computer executable instructions that, when executed by the authentication server, are executed by the processor to cause the access device of the management server to perform the method of any one of claims 1-3.
14. A terminal device, characterized in that the terminal device comprises: a processor, a communication interface, and a memory; wherein the memory is used for storing one or more programs, the one or more programs comprising computer executable instructions, which when executed by the terminal device, the processor executes the computer executable instructions stored in the memory to cause the terminal device to perform the method of any one of claims 4-6.
15. A computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a computer, cause the computer to perform the method of any of claims 1-3 or any of claims 4-6.
CN202210128933.3A 2022-02-11 2022-02-11 Access method, device, equipment and storage medium of management server Active CN114629683B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210128933.3A CN114629683B (en) 2022-02-11 2022-02-11 Access method, device, equipment and storage medium of management server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210128933.3A CN114629683B (en) 2022-02-11 2022-02-11 Access method, device, equipment and storage medium of management server

Publications (2)

Publication Number Publication Date
CN114629683A true CN114629683A (en) 2022-06-14
CN114629683B CN114629683B (en) 2023-09-05

Family

ID=81898125

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210128933.3A Active CN114629683B (en) 2022-02-11 2022-02-11 Access method, device, equipment and storage medium of management server

Country Status (1)

Country Link
CN (1) CN114629683B (en)

Citations (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1335719A (en) * 2000-06-12 2002-02-13 索尼公司 Image content providing reproducting method, system, equipment and its storage media
US20040019687A1 (en) * 2002-07-26 2004-01-29 Fujitsu Limited Timeout management system, timeout management server and timeout management program storage medium
CN1553741A (en) * 2003-05-30 2004-12-08 ��Ϊ�������޹�˾ Method and system for providing users with network roaming
CN101272627A (en) * 2008-04-30 2008-09-24 杭州华三通信技术有限公司 Network access control method and apparatus for implementing roaming
CN101448138A (en) * 2008-12-29 2009-06-03 深圳市同洲电子股份有限公司 Method, system and server for inserting video advertisement
CN101656959A (en) * 2009-09-10 2010-02-24 中兴通讯股份有限公司 Method, apparatus and system for obtaining MN-HA key in HA of PMIP
CN101958846A (en) * 2010-11-03 2011-01-26 北京北信源软件股份有限公司 Method for client roaming across servers
CN101990202A (en) * 2009-07-29 2011-03-23 中兴通讯股份有限公司 Method for updating user policy and application server
CN102761525A (en) * 2011-04-28 2012-10-31 中国电信股份有限公司 IMS (IP multimedia subsystem) fixed terminal, management server, roaming control method and roaming control system
CN102843437A (en) * 2012-09-17 2012-12-26 北京星网锐捷网络技术有限公司 Conversion method and device for webpage application and network device
US20150271029A1 (en) * 2014-03-20 2015-09-24 Fujitsu Limited Activation management system and activation management method
CN105530644A (en) * 2016-02-19 2016-04-27 上海斐讯数据通信技术有限公司 Wireless authentication method and system
JP2016096440A (en) * 2014-11-13 2016-05-26 キヤノン株式会社 Video image coded data transmission device, management device, and program
CN105991576A (en) * 2015-02-10 2016-10-05 杭州华三通信技术有限公司 Issuing method of safety strategy and equipment thereof
JP2016213709A (en) * 2015-05-11 2016-12-15 株式会社Nttドコモ Moving image reproduction system, client device, server device, and program
CN106899642A (en) * 2015-12-21 2017-06-27 阿里巴巴集团控股有限公司 A kind of Internet of Things link management method and equipment
CN106961377A (en) * 2016-01-12 2017-07-18 北大方正集团有限公司 Message synchronization method and message synchronization system
CN108063840A (en) * 2018-01-23 2018-05-22 广东欧珀移动通信有限公司 Access the method and Related product of network
CN108234569A (en) * 2016-12-21 2018-06-29 青岛祥智电子技术有限公司 A kind of method of client roaming across servers
CN111314343A (en) * 2020-02-18 2020-06-19 中国联合网络通信集团有限公司 Account management method, device and readable storage medium
US20200204279A1 (en) * 2018-12-20 2020-06-25 Viamedia, Inc. Integrating digital advertising with cable tv network and broadcast advertising
CN112583799A (en) * 2020-12-03 2021-03-30 深圳市镜玩科技有限公司 Processing method, related device, equipment and medium for registered account
CN112671778A (en) * 2020-12-25 2021-04-16 北京百度网讯科技有限公司 Account management method, account management device, account management equipment and storage medium for electronic equipment
CN113938919A (en) * 2021-09-03 2022-01-14 中国联合网络通信集团有限公司 Data analysis method and apparatus

Patent Citations (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1335719A (en) * 2000-06-12 2002-02-13 索尼公司 Image content providing reproducting method, system, equipment and its storage media
US20040019687A1 (en) * 2002-07-26 2004-01-29 Fujitsu Limited Timeout management system, timeout management server and timeout management program storage medium
CN1553741A (en) * 2003-05-30 2004-12-08 ��Ϊ�������޹�˾ Method and system for providing users with network roaming
CN101272627A (en) * 2008-04-30 2008-09-24 杭州华三通信技术有限公司 Network access control method and apparatus for implementing roaming
CN101448138A (en) * 2008-12-29 2009-06-03 深圳市同洲电子股份有限公司 Method, system and server for inserting video advertisement
CN101990202A (en) * 2009-07-29 2011-03-23 中兴通讯股份有限公司 Method for updating user policy and application server
CN101656959A (en) * 2009-09-10 2010-02-24 中兴通讯股份有限公司 Method, apparatus and system for obtaining MN-HA key in HA of PMIP
CN101958846A (en) * 2010-11-03 2011-01-26 北京北信源软件股份有限公司 Method for client roaming across servers
CN102761525A (en) * 2011-04-28 2012-10-31 中国电信股份有限公司 IMS (IP multimedia subsystem) fixed terminal, management server, roaming control method and roaming control system
CN102843437A (en) * 2012-09-17 2012-12-26 北京星网锐捷网络技术有限公司 Conversion method and device for webpage application and network device
US20150271029A1 (en) * 2014-03-20 2015-09-24 Fujitsu Limited Activation management system and activation management method
JP2016096440A (en) * 2014-11-13 2016-05-26 キヤノン株式会社 Video image coded data transmission device, management device, and program
CN105991576A (en) * 2015-02-10 2016-10-05 杭州华三通信技术有限公司 Issuing method of safety strategy and equipment thereof
JP2016213709A (en) * 2015-05-11 2016-12-15 株式会社Nttドコモ Moving image reproduction system, client device, server device, and program
CN106899642A (en) * 2015-12-21 2017-06-27 阿里巴巴集团控股有限公司 A kind of Internet of Things link management method and equipment
CN106961377A (en) * 2016-01-12 2017-07-18 北大方正集团有限公司 Message synchronization method and message synchronization system
CN105530644A (en) * 2016-02-19 2016-04-27 上海斐讯数据通信技术有限公司 Wireless authentication method and system
CN108234569A (en) * 2016-12-21 2018-06-29 青岛祥智电子技术有限公司 A kind of method of client roaming across servers
CN108063840A (en) * 2018-01-23 2018-05-22 广东欧珀移动通信有限公司 Access the method and Related product of network
US20200204279A1 (en) * 2018-12-20 2020-06-25 Viamedia, Inc. Integrating digital advertising with cable tv network and broadcast advertising
CN111314343A (en) * 2020-02-18 2020-06-19 中国联合网络通信集团有限公司 Account management method, device and readable storage medium
CN112583799A (en) * 2020-12-03 2021-03-30 深圳市镜玩科技有限公司 Processing method, related device, equipment and medium for registered account
CN112671778A (en) * 2020-12-25 2021-04-16 北京百度网讯科技有限公司 Account management method, account management device, account management equipment and storage medium for electronic equipment
CN113938919A (en) * 2021-09-03 2022-01-14 中国联合网络通信集团有限公司 Data analysis method and apparatus

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
LI ZHANG: "《A Roaming System of Residential Building\'s Virtual Internal Scene Based on VRML》", 《2010 2ND INTERNATIONAL WORKSHOP ON INTELLIGENT SYSTEMS AND APPLICATIONS》 *
刘德生: "《超高速大容量智能无线接入控制服务器研究》", 《无线互联科技》, no. 17 *
徐文 王华军: "基于WebService的动态NDS应用研究", 电脑与电信, no. 11 *

Also Published As

Publication number Publication date
CN114629683B (en) 2023-09-05

Similar Documents

Publication Publication Date Title
US11888890B2 (en) Cloud management of connectivity for edge networking devices
US12153948B2 (en) Distributed zero trust network access
EP3459222B1 (en) Device authentication based upon tunnel client network requests
EP3298527B1 (en) Secured access control to cloud-based applications
JP6571776B2 (en) System and method for automatic device detection, device management and remote assistance
US9270658B2 (en) Auditing communications
US7966650B2 (en) Dynamic internet address assignment based on user identity and policy compliance
US11792194B2 (en) Microsegmentation for serverless computing
US20090217346A1 (en) Dhcp centric network access management through network device access control lists
JP2017537562A5 (en)
US10785196B2 (en) Encryption key management of client devices and endpoints within a protected network
CN113341798A (en) Method, system, device, equipment and storage medium for remotely accessing application
US20220201041A1 (en) Administrative policy override in microsegmentation
JP2018503922A (en) Test system for testing a computer of a computer system in a test network
WO2023069129A1 (en) Network appliances for secure enterprise resources
US11283881B1 (en) Management and protection of internet of things devices
US12015594B2 (en) Policy integration for cloud-based explicit proxy
US20240348627A1 (en) Application access analyzer
CN114629683B (en) Access method, device, equipment and storage medium of management server
US20230239270A1 (en) Synthetic audit events in workload segmentation
US12255923B2 (en) Stream processing of telemetry for a network topology
WO2024216172A1 (en) Application access analyzer
Headquarters Security Best Practices Guide for Cisco Unified ICM/Contact Center Enterprise & Hosted

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant