[go: up one dir, main page]

CN100469075C - A VPDN E-government System Realizing Network Approval and Office - Google Patents

A VPDN E-government System Realizing Network Approval and Office Download PDF

Info

Publication number
CN100469075C
CN100469075C CNB2005101345857A CN200510134585A CN100469075C CN 100469075 C CN100469075 C CN 100469075C CN B2005101345857 A CNB2005101345857 A CN B2005101345857A CN 200510134585 A CN200510134585 A CN 200510134585A CN 100469075 C CN100469075 C CN 100469075C
Authority
CN
China
Prior art keywords
server
router
user
lns
certificate server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2005101345857A
Other languages
Chinese (zh)
Other versions
CN1777191A (en
Inventor
梁剑豪
李炬
薛晓户
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
LIANG JIANHAO LI JU XUE XIAOHU
Original Assignee
LIANG JIANHAO LI JU XUE XIAOHU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by LIANG JIANHAO LI JU XUE XIAOHU filed Critical LIANG JIANHAO LI JU XUE XIAOHU
Priority to CNB2005101345857A priority Critical patent/CN100469075C/en
Publication of CN1777191A publication Critical patent/CN1777191A/en
Application granted granted Critical
Publication of CN100469075C publication Critical patent/CN100469075C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开了一种VPDN实现网络审批及办公的电子政务系统,包括:LAC拨号接入服务器、第一认证服务器、第二认证服务器、信息发布系统服务器和信息处理系统服务器;LAC拨号接入服务器的输入端与用户终端相连,输出端连接所述第一认证服务器,该第一认证服务器通过路由器与设置有病毒防火墙的服务器相连,该服务器的输出端与LNS接入路由器的输入端相连,该LNS接入路由器的输出端连接第二认证服务器和信息发布系统服务器,第二认证服务器的输出端连接信息处理系统服务器。本发明通过建立独立的专用通道和双重认证,确保了用户在网站上安全、便捷地进行网络社保、税务等申报工作,不仅大大提高了申报的工作效率,而且为企业和社会节约了成本。

Figure 200510134585

The invention discloses an e-government system in which VPDN realizes network approval and office work, including: LAC dial-up access server, first authentication server, second authentication server, information release system server and information processing system server; LAC dial-up access server The input end is connected to the user terminal, the output end is connected to the first authentication server, the first authentication server is connected to a server provided with a virus firewall through a router, and the output end of the server is connected to the input end of the LNS access router. The output end of the LNS access router is connected to the second authentication server and the information distribution system server, and the output end of the second authentication server is connected to the information processing system server. By establishing an independent dedicated channel and dual authentication, the present invention ensures that users can safely and conveniently declare online social security and taxation on the website, which not only greatly improves the work efficiency of declaration, but also saves costs for enterprises and society.

Figure 200510134585

Description

一种VPDN实现网络审批及办公的电子政务系统 A VPDN E-government System Realizing Network Approval and Office

技术领域 technical field

本发明涉及一种保险、税务等的网络申报方法。The invention relates to a network declaration method for insurance, taxation and the like.

背景技术 Background technique

社保局每年要向群众和企事业单位发送各种待填写的单据,数量相当庞大。这些参保个人和参保单位以及相关下属参保机构都需要经常到社保中心办理相关业务,填报相关表格,因此造成了极大的人力、物力和时间的浪费。由于社保的相关信息具有不同程度的保密性,因此如果简单地采用普通网络连接方式安全性没有保证。税务申报也存在着同样的问题。The Social Security Bureau sends various forms to be filled out to the masses, enterprises and institutions every year, and the number is quite large. These insured individuals, insured units, and related subordinate insured institutions all need to go to the social insurance center to handle relevant business and fill in relevant forms, thus causing a great waste of manpower, material resources and time. Since the information related to social security has different degrees of confidentiality, there is no guarantee of security if simply using a common network connection method. The same problem exists with tax declarations.

发明内容 Contents of the invention

针对目前存在的问题,本发明的目的在于提供一种VPDN实现网络审批及办公的电子政务系统,用户可以足不出户就能够安全地进行网络申报,大大地提高了社保、税务等申报工作的效率。Aiming at the current problems, the purpose of the present invention is to provide a VPDN electronic government affairs system that realizes network approval and office work. Users can safely make network declarations without leaving home, which greatly improves the efficiency of social security, taxation and other declaration work. efficiency.

为实现上述目的,本发明一种VPDN实现网络审批及办公的电子政务系统包括:LAC拨号接入服务器、第一认证服务器、第二认证服务器、信息发布系统服务器和信息处理系统服务器;所述LAC拨号接入服务器的输入端与用户终端相连,输出端连接所述第一认证服务器,该第一认证服务器通过路由器与设置有病毒防火墙的服务器相连,该服务器的输出端与LNS接入路由器的输入端相连,该LNS接入路由器的输出端连接所述第二认证服务器和信息发布系统服务器,所述第二认证服务器的输出端连接所述信息处理系统服务器;其中,各个部分按照如下步骤进行数据传输:In order to achieve the above object, a kind of VPDN of the present invention realizes the e-government system of network examination and approval and office work including: LAC dial-up access server, first authentication server, second authentication server, information distribution system server and information processing system server; Said LAC The input end of the dial-up access server is connected to the user terminal, and the output end is connected to the first authentication server. The first authentication server is connected to the server provided with a virus firewall through a router, and the output end of the server is connected to the input of the LNS access router. The output end of the LNS access router is connected to the second authentication server and the information distribution system server, and the output end of the second authentication server is connected to the information processing system server; wherein, each part performs data processing according to the following steps transmission:

1)用户通过有线或无线网拨号接入LAC拨号服务器,然后进入第一认证服务器进行身份验证,其中,用户的身份信息从被申报机构获取,并由被申报机构预先设置在所述第一认证服务器;1) The user dials in to the LAC dial-up server through a wired or wireless network, and then enters the first authentication server for identity verification, wherein the user's identity information is obtained from the declared institution, and is preset in the first authentication server by the declared institution. server;

2)确认用户为合法用户时由对端的路由器建立VPDN专用通道;2) When confirming that the user is a legitimate user, the router at the opposite end establishes a VPDN dedicated channel;

3)用户的数据包从所述路由器进入LNS接入路由器之前进行安全检测,即由设置有病毒防火墙的服务器进行判断是否感染有病毒或是否属于恶意攻击;3) the user's data packet is checked before entering the LNS access router from the router, that is, the server provided with a virus firewall judges whether it is infected with a virus or belongs to a malicious attack;

4)当被判断没有病毒或不属于恶意攻击时被所述LNS接入路由器接入,并判断是普通用户还是申报用户,如果是普通用户,则由该LNS接入路由器指向信息发布系统服务器进行相关的数据浏览,如果是申报用户,则由第二认证服务器再次进行验证以保障安全性,经过所述第二认证服务器后,在信息处理系统服务器上进行申报、缴纳现金等操作,其中,认证信息由被申报机构预先设置在所述第二认证服务器中。4) When it is judged that there is no virus or does not belong to a malicious attack, it is accessed by the LNS access router, and it is judged whether it is an ordinary user or a declared user. If it is an ordinary user, the LNS access router points to the information release system server to perform For related data browsing, if it is a reporting user, the second authentication server will perform verification again to ensure safety. After passing through the second authentication server, operations such as declaration and cash payment will be performed on the information processing system server, wherein the authentication The information is preset in the second authentication server by the declared institution.

本发明通过建立独立的专用通道和双重认证,确保了用户在网站上安全、便捷地进行网络社保、税务等申报工作,不仅大大提高了申报的工作效率,而且为企业和社会节约了成本。By establishing an independent dedicated channel and dual authentication, the present invention ensures that users can safely and conveniently declare online social security and taxation on the website, which not only greatly improves the work efficiency of declaration, but also saves costs for enterprises and society.

附图说明 Description of drawings

图1为本发明结构示意图;Fig. 1 is a structural representation of the present invention;

图2为本发明的流程图。Fig. 2 is a flowchart of the present invention.

具体实施方式: Detailed ways:

如图1所示,本发明包括:LAC拨号接入服务器1、第一认证服务器2、第二认证服务器6、信息发布系统服务器8和信息处理系统服务器7;LAC拨号接入服务器1的输入端与用户终端相连,输出端连接第一认证服务器2,该第一认证服务器2通过路由器3与设置有病毒防火墙的服务器4相连,该服务器4的输出端与LNS接入路由器5的输入端相连,该LNS接入路由器5的输出端连接第二认证服务器6和信息发布系统服务器8,第二认证服务器6的输出端连接信息处理系统服务器7;如图2所示,其中,各个部分按照如下步骤进行数据传输:As shown in Figure 1, the present invention comprises: LAC dial-up access server 1, the first authentication server 2, the second authentication server 6, information distribution system server 8 and information processing system server 7; The input end of LAC dial-up access server 1 Be connected with the user terminal, the output end is connected with the first authentication server 2, the first authentication server 2 is connected with the server 4 provided with the virus firewall through the router 3, the output end of the server 4 is connected with the input end of the LNS access router 5, The output end of this LNS access router 5 is connected to the second authentication server 6 and the information distribution system server 8, and the output end of the second authentication server 6 is connected to the information processing system server 7; as shown in Figure 2, wherein, each part follows the following steps For data transfer:

1)用户通过有线或无线网拨号接入LAC服务器,然后进入第一认证服务器进行身份验证,其中,用户的身份信息从被申报机构获取,并由被申报机构预先设置在所述第一认证服务器;1) The user dials in to the LAC server through a wired or wireless network, and then enters the first authentication server for identity verification, wherein the user's identity information is obtained from the declared institution, and is preset by the declared institution on the first authentication server ;

2)确认用户为合法用户时由对端的路由器建立VPDN专用通道,也就是用户和LNS协商链路控制协议LCP建立连接的过程中,LAC和第一认证服务器使用CHAP或PAP对用户进行部分论证,包括用户名、密码的验证,以确定该用户是否是VPDN的客户,若用户不是VPDN用户,则继续进行认证,看该用户是否可访问INTERNET或其它相关服务;如用户是VPDN客户,则被映射到一个指定LNS接入路由器;2) When confirming that the user is a legal user, the router at the opposite end establishes a VPDN dedicated channel, that is, during the process of establishing a connection between the user and the LNS through negotiation of the Link Control Protocol (LCP), the LAC and the first authentication server use CHAP or PAP to partially authenticate the user, Including verification of user name and password to determine whether the user is a VPDN customer. If the user is not a VPDN user, continue to authenticate to see whether the user can access the Internet or other related services; if the user is a VPDN customer, it will be mapped to a designated LNS access router;

3)用户的数据包从所述路由器进入LNS接入路由器之前进行安全检测,即由设置有病毒防火墙的服务器进行判断是否感染有病毒或是否属于恶意攻击;3) the user's data packet is checked before entering the LNS access router from the router, that is, the server provided with a virus firewall judges whether it is infected with a virus or belongs to a malicious attack;

4)当被判断没有病毒或不属于恶意攻击时被所述LNS接入路由器接入,并判断是普通用户还是社保用户,如果是普通用户,则由该LNS接入路由器指向信息发布系统服务器进行相关的数据浏览,如果是社保用户,则由第二认证服务器再次进行验证以保障安全性,经过第二认证服务器后,在社保中心的信息处理系统服务器上进行社保申报、缴纳现金等操作,其中,认证信息由被申报机构预先设置在所述第二认证服务器中。4) When it is judged that there is no virus or does not belong to a malicious attack, it is accessed by the LNS access router, and it is judged whether it is an ordinary user or a social security user. If it is an ordinary user, the LNS access router points to the information release system server to perform Relevant data browsing, if it is a social security user, will be verified again by the second authentication server to ensure safety. After passing the second authentication server, the social security declaration and cash payment will be performed on the information processing system server of the social security center. , the authentication information is preset in the second authentication server by the declared institution.

本发明不仅可以适用于社保申报,也可适用于税务等的申报工作。The present invention can be applied not only to social security declaration, but also to tax declaration and the like.

Claims (1)

1, a kind of VPDN realizes the electronic government affairs system of network approval and office, it is characterized in that, comprising: LAC dialup access server, first certificate server, second certificate server, information issuing system server and information processing system server; The input of described LAC dialup access server links to each other with user terminal, output connects described first certificate server, this first certificate server links to each other with the server that is provided with virus firewall by router, this output that is provided with the server of virus firewall links to each other with the input of LNS couple in router, the output of this LNS couple in router connects described second certificate server and information issuing system server, and the output of described second certificate server connects described information processing system server; Wherein, various piece is carried out transfer of data according to following steps:
1) user is by wired or wireless net dial-up access LAC dialup access server, enter first certificate server then and carry out authentication, wherein, user's identity information is obtained from declaring mechanism, and is set in advance at described first certificate server by declaring mechanism;
Set up the VPDN designated lane by the router of opposite end when 2) confirming the user for validated user;
3) the user's data bag carried out safety detection before described router enters the LNS couple in router, and promptly being judged whether to infect by the server that is provided with virus firewall has virus or do not belong to malicious attack;
4) do not inserted by described LNS couple in router when being judged when having virus or not belonging to malicious attack, and judgement is domestic consumer or declares the user, if domestic consumer, the browsing data of being correlated with then by this LNS couple in router directional information delivery system server, if declare the user, then verify once more to guarantee safety by second certificate server, through behind described second certificate server, on the information processing system server, declare, pay the cash operation, wherein, authentication information is set in advance in described second certificate server by declaring mechanism.
CNB2005101345857A 2005-12-21 2005-12-21 A VPDN E-government System Realizing Network Approval and Office Expired - Fee Related CN100469075C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005101345857A CN100469075C (en) 2005-12-21 2005-12-21 A VPDN E-government System Realizing Network Approval and Office

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2005101345857A CN100469075C (en) 2005-12-21 2005-12-21 A VPDN E-government System Realizing Network Approval and Office

Publications (2)

Publication Number Publication Date
CN1777191A CN1777191A (en) 2006-05-24
CN100469075C true CN100469075C (en) 2009-03-11

Family

ID=36766487

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005101345857A Expired - Fee Related CN100469075C (en) 2005-12-21 2005-12-21 A VPDN E-government System Realizing Network Approval and Office

Country Status (1)

Country Link
CN (1) CN100469075C (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107833127A (en) * 2017-12-11 2018-03-23 赛拓信息技术有限公司 Tax system PC terminal system
CN109460659A (en) * 2018-09-07 2019-03-12 安徽恒科信息技术有限公司 A kind of openness of government affairs website assessment management system

Also Published As

Publication number Publication date
CN1777191A (en) 2006-05-24

Similar Documents

Publication Publication Date Title
US12212560B2 (en) Method for authorizing a secure access from a local device to a remote server computer
US11770378B2 (en) Systems and methods for controlling access to a blockchain
US7769994B2 (en) Content inspection in secure networks
JP4861417B2 (en) Extended one-time password method and apparatus
US9608988B2 (en) Method and system for authorizing secure electronic transactions using a security device having a quick response code scanner
CN105357186B (en) A kind of secondary authentication method based on out-of-band authentication and enhancing OTP mechanism
US20040107360A1 (en) System and Methodology for Policy Enforcement
US20070180510A1 (en) Methods and systems for obtaining URL filtering information
CN101355415B (en) Method and system for realizing secure access of network terminal to public network
US9548978B2 (en) Method and system for authorizing secure electronic transactions using a security device
US20140359016A1 (en) Techniques for network process identity enablement
US20080022085A1 (en) Server-client computer network system for carrying out cryptographic operations, and method of carrying out cryptographic operations in such a computer network system
CN108200039A (en) Unaware authentication and authorization system and method based on dynamic creation temporary account password
CA2510647A1 (en) Signing of web request
CN100469075C (en) A VPDN E-government System Realizing Network Approval and Office
Xia et al. Enhanced tls handshake authentication with blockchain and smart contract (short paper)
CN104104686B (en) A kind of network data Packet analyzing evidence collecting method based on mobile Internet
CN104618306A (en) Novel integrated mobile phone data transmission key signal encryption method
Shoniregun Impacts and Risk Assessment of Technology for Internet Security: Enabled Information Small-Medium Enterprises (TEISMES)
CN101572706A (en) Platform authentication message management method suitable for tri-element peer authentication trusted network connect architecture
Yuan et al. Safety analysis and strategy of Alipay
CN2891499Y (en) Network-based declaration system
US20090328184A1 (en) System and Method for Enhanced Security of IP Transactions
Neogi The internet and the need for governance: Learning from the past, coping with the future
CN117061200A (en) Bill verification method, device, terminal and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090311

Termination date: 20100121