[go: up one dir, main page]

WO2024001885A1 - Procédé de transmission de données, dispositif électronique et support d'enregistrement informatique - Google Patents

Procédé de transmission de données, dispositif électronique et support d'enregistrement informatique Download PDF

Info

Publication number
WO2024001885A1
WO2024001885A1 PCT/CN2023/101493 CN2023101493W WO2024001885A1 WO 2024001885 A1 WO2024001885 A1 WO 2024001885A1 CN 2023101493 W CN2023101493 W CN 2023101493W WO 2024001885 A1 WO2024001885 A1 WO 2024001885A1
Authority
WO
WIPO (PCT)
Prior art keywords
device data
acquisition request
ipsec vpn
data acquisition
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2023/101493
Other languages
English (en)
Chinese (zh)
Inventor
张晟嘉
刘雨冬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sanechips Technology Co Ltd
Original Assignee
Sanechips Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sanechips Technology Co Ltd filed Critical Sanechips Technology Co Ltd
Publication of WO2024001885A1 publication Critical patent/WO2024001885A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • This application relates to the field of communication technology, specifically to data transmission methods, electronic equipment and computer storage media.
  • the smart home monitoring platform can monitor, store and analyze the data of the home camera by retrieving and accessing the Real Time Streaming Protocol (RTSP) address of the camera. It can also manage the data in real time. Obtain data from smart home devices and forward command information to improve the information security and reliability of the smart home system.
  • RTSP Real Time Streaming Protocol
  • IP Internet Protocol
  • embodiments of the present disclosure provide a data transmission method applied to a secure private virtual private network IPSec VPN gateway.
  • the method includes: receiving a message from a monitoring platform. the device data acquisition request sent; verifying the device data acquisition request; in response to the verification passing, encrypting the device data acquisition request; and sending the encrypted device data acquisition request to the IPSec VPN through an encrypted tunnel Device, for the IPSec VPN device to send the device data acquisition request to the smart device.
  • embodiments of the present disclosure provide a data transmission method applied to a secure dedicated virtual private network IPSec VPN device.
  • the method includes: receiving an encrypted device data acquisition request sent by an IPSec VPN gateway through an encrypted tunnel; Decrypting the encrypted device data acquisition request to obtain the device data acquisition request; verifying the device data acquisition request; and in response to the verification passing, sending the device data acquisition request to the smart device .
  • embodiments of the present disclosure provide an electronic device, including: one or more processors; a storage device having one or more computer programs stored thereon; the one or more computer programs are processed by the one or more Multiple processors execute, so that the one or more processors execute the data transmission method as described above.
  • embodiments of the present disclosure provide a computer storage medium on which a computer program is stored, wherein the computer program is executed by a processor, causing the processor to perform the aforementioned data transmission method.
  • Figure 1 is a schematic flowchart 1 of a data transmission method provided by an embodiment of the present disclosure
  • Figure 2 is a schematic networking diagram of a smart home system provided by an embodiment of the present disclosure
  • FIG. 3 is a schematic flowchart 2 of the data transmission method provided by an embodiment of the present disclosure.
  • Figure 4 is a flowchart three of the data transmission method provided by an embodiment of the present disclosure.
  • Figure 5 is a schematic flow chart 4 of a data transmission method provided by an embodiment of the present disclosure.
  • Figure 6 is a schematic flow chart 5 of a data transmission method provided by an embodiment of the present disclosure.
  • Figure 7 is a schematic flow chart 6 of a data transmission method provided by an embodiment of the present disclosure.
  • Figure 8 is a module schematic diagram of an IPSec VPN gateway provided by an embodiment of the present disclosure.
  • Figure 9 is a schematic module diagram of an IPSec VPN device provided by an embodiment of the present disclosure.
  • Embodiments described herein may be described with reference to plan and/or cross-sectional illustrations, with the aid of idealized schematic illustrations of the present disclosure. Accordingly, example illustrations may be modified based on manufacturing techniques and/or tolerances. Therefore, the embodiments are not limited to those shown in the drawings but include modifications of configurations formed based on the manufacturing process. Accordingly, the regions illustrated in the figures are of a schematic nature and the shapes of the regions shown in the figures are illustrative of the specific shapes of regions of the element and are not intended to be limiting.
  • the smart home devices in the smart home system are directly connected to the IP network. As long as the network is reachable, these smart home devices can be accessed. It is also easy to steal or tamper with the device data collected by the smart home devices, which brings great changes to family life. security risks, which is not conducive to maintaining user information security.
  • embodiments of the present disclosure propose that the reason for the above problems is that existing smart home devices communicate directly with the monitoring platform, but no security protection measures are taken for the communication between the monitoring platform and the smart home devices. As a result, device data is vulnerable to various attacks such as sniffing, information crawling, and even information tampering and information camouflage when transmitted over the public network.
  • embodiments of the present disclosure propose that by adding an IPSec VPN gateway and an IPSec VPN device between the smart home device and the monitoring platform, and using IPSec VPN tunnel technology to establish an encrypted tunnel between the IPSec VPN gateway and the IPSec VPN device, it is possible to This ensures that data exchanges between smart home devices and monitoring platforms are securely protected, thus preventing data collected by smart home devices from being stolen and tampered with.
  • an embodiment of the present disclosure provides a data transmission method applied to an IPSec VPN gateway.
  • the method may include the following steps S11 to S14.
  • step S11 the device data acquisition request sent by the monitoring platform is received.
  • step S12 the device data acquisition request is verified.
  • step S13 in response to the verification passing, the device data acquisition request is encrypted.
  • step S14 the encrypted device data acquisition request is sent to the IPSec VPN device through the encrypted tunnel, so that the IPSec VPN device sends the device data acquisition request to the smart device.
  • Smart devices can include smart washing machines, sweeping robots, home cameras, temperature control systems, air purification systems, printers and other appliances that can connect to the Internet.
  • the encrypted device data acquisition request sent by the IPSec VPN gateway to the IPSec VPN device may be an encapsulating security payload (Encapsulating Security Payload, ESP) encrypted data packet, an authentication header (Authentication Header, AH) encrypted data packet, a password Key exchange protocol (Internet Key Exchange, IKE) encrypted data packets, etc.
  • ESP Encapsulating Security Payload
  • AH Authentication Header
  • IKE Internet Key Exchange
  • FIG. 2 is a schematic networking diagram of a smart home system provided by an embodiment of the present disclosure.
  • the smart home system includes a smart home monitoring platform, IPSec VPN gateway, IPSec VPN equipment and smart home equipment.
  • the IPSec VPN device can be connected to one or more smart home devices through Ethernet interface 2, and can also be connected to the IP public network through Ethernet interface 1.
  • the IPSec VPN gateway can be accessed via Ethernet interface 1 It is connected to the IP public network, indirectly connected to multiple IPSec VPN devices through the IP public network, and can also be connected to the smart home monitoring platform through Ethernet interface 2.
  • the IPSec VPN gateway verifies the device data acquisition request by receiving the device data acquisition request sent by the monitoring platform. If the verification passes , encrypt the device data acquisition request, and send the encrypted device data acquisition request to the IPSec VPN device through an encrypted tunnel, so that the IPSec VPN device sends the device data acquisition request to the smart device .
  • This disclosure adopts effective security protection measures for the communication between the monitoring platform and smart devices, prevents the data collected by smart home devices from being stolen and tampered with, improves the security of data interaction between the monitoring platform and smart devices, and protects users' information security.
  • the IPSec VPN device After the IPSec VPN device receives the encrypted device data acquisition request sent by the IPSec VPN gateway, it decrypts the encrypted device data acquisition request to obtain the device data acquisition request, and verifies the device data acquisition request. If the verification passes, the device data acquisition request is sent to the smart device. After receiving the device data acquisition request, the smart device returns the corresponding device data to the IPSec VPN device. The IPSec VPN device receives the device data sent by the smart device, verifies the device data, and if the verification passes, encrypts the device data and sends the encrypted device data to the IPSec VPN gateway through the encrypted tunnel.
  • the IPSec VPN gateway After the IPSec VPN gateway receives the encrypted device data sent by the IPSec VPN device, it also needs to perform some security processing before sending the device data to the monitoring platform. In some embodiments, after sending the encrypted device data acquisition request to the IPSec VPN device through the encrypted tunnel (i.e. step S14), as shown in Figure 3, the method may also include the following steps S15 to S18.
  • step S15 the encrypted device data sent by the IPSec VPN device is received through the encrypted tunnel.
  • step S16 the encrypted device data is decrypted to obtain the device data.
  • step S17 the device data is verified.
  • step S18 in response to the verification passing, the device data is sent to the monitoring platform.
  • step S12 the device data acquisition request is verified, and in step S17, the device data is verified. In fact, it is to verify whether the device data acquisition request is sent by the monitoring platform, and to verify whether the device data is Sent by a smart device.
  • the verification of the device data acquisition request may include the following steps: verifying whether the source address carried in the device data acquisition request is the IP address of the monitoring platform and the destination Whether the address is the IP address of the smart device;
  • the verification of the device data may include the following steps: verifying whether the source address carried in the device data is the IP address of the smart device and Whether the destination address is the IP address of the monitoring platform.
  • the IPSec VPN gateway and the IPSec VPN device can configure a protection policy for the encrypted tunnel when establishing the encrypted tunnel.
  • the protection policy is such as under what circumstances data packets can be transmitted through the encrypted tunnel and under what circumstances the data packets can be transmitted through the encrypted tunnel.
  • the data packets transmitted through the encrypted tunnel are safe and reliable, etc.
  • the protection strategy can be considered to be equivalent to the forwarding conditions.
  • the protection strategy may include: the source address carried in the device data acquisition request is the IP address of the monitoring platform and the destination address is the IP address of the smart device; or, the source address carried in the device data is The IP address of the smart device and the destination address are the IP addresses of the monitoring platform.
  • the IPSec VPN gateway and IPSec VPN device Before formally forwarding data packets between the monitoring platform and smart devices through the encrypted tunnel, it is necessary to initialize the IPSec VPN gateway and IPSec VPN device, such as obtaining certificate files, establishing an encrypted tunnel, and configuring protection policies for the encrypted tunnel. wait. Moreover, during the initialization process, the IPSec VPN gateway and IPSec VPN device can obtain the same session key to encrypt or decrypt data packets transmitted through the encrypted tunnel. In some embodiments, encrypting the device data acquisition request and decrypting the encrypted device data are both performed based on a preset session key; as shown in Figure 4, after receiving the monitoring Before the device data acquisition request sent by the platform (ie, step S11), the method may also include the following steps S21 to S24.
  • step S21 a certificate request is sent to the certificate system.
  • step S22 receive the certificate file sent by the certificate system, where the certificate file carries the session key.
  • step S23 an IP network connection between the IPSec VPN gateway and the IPSec VPN device is established based on the certificate file.
  • step S24 an encrypted tunnel between the IPSec VPN gateway and the IPSec VPN device is established, and a protection policy is configured for the encrypted tunnel.
  • Tunneling technology is a way to transfer data between networks by using the infrastructure of the Internet. Data packets of different protocols can be transferred through tunnels. The tunneling protocol re-encapsulates the data packets of other protocols and sends them in new packet headers. The new packet headers Routing information is provided to enable encapsulated data to pass over the Internet, and the encapsulated packets are routed over the public Internet between the two endpoints of the tunnel. Taking a certain IPSec VPN device (called IPSec VPN device 1) as an example, add an encrypted tunnel in IPSec VPN device 1. The source address of the encrypted tunnel communication is the IP address of IPSec VPN device 1, and the destination address is the IPSec VPN gateway. IP address.
  • IPSec VPN device 1 add an encrypted tunnel in IPSec VPN device 1.
  • the source address of the encrypted tunnel communication is the IP address of IPSec VPN device 1
  • the destination address is the IPSec VPN gateway. IP address.
  • the source address of the encrypted tunnel communication is the IP address of the IPSec VPN gateway.
  • the destination address is the IP address of IPSec VPN device 1.
  • the protection policy configured for it can be: the source address of the data sent through the encrypted tunnel is the IP address of the smart device, and the destination IP address is the IP address of the monitoring platform.
  • the protection policy configured for it can be: the source address of the data sent through the encrypted tunnel is the IP address of the monitoring platform, and the destination IP address is the IP address of the smart device.
  • the protection policy configured for the encrypted tunnel can be added to the routing and forwarding table, etc.
  • IPSec VPN devices control smart devices and obtain device data from smart devices. Smart devices are isolated from the IP network through IPSec VPN devices. Only people authorized to obtain the IP address of smart devices can control smart devices and obtain data from smart devices. Attackers cannot Find the smart device over the IP network to control it. And the person authorized to obtain the IP address of the smart device can only control the smart device and obtain the device data of the smart device after passing the encrypted tunnel established by the IPSec VPN device and IPSec VPN gateway and after passing the verification of the configured protection policy. will be stolen and tampered with, ensuring the security of device data.
  • system time can also be synchronized and calibrated between the IPSec VPN gateway and the IPSec VPN device.
  • the data transmission method provided by the embodiment of the present disclosure can also be applied to IPSec VPN equipment. As shown in Figure 5, the data transmission method is applied to the IPSec VPN device, and the method may include the following steps S31 to S34.
  • step S31 receive the encrypted device data acquisition request sent by the IPSec VPN gateway through the encrypted tunnel.
  • step S32 the encrypted device data acquisition request is decrypted to obtain the device data acquisition request.
  • step S33 the device data acquisition request is verified.
  • step S34 in response to the verification passing, the device data acquisition request is sent to the smart device.
  • the IPSec VPN device receives the encrypted device data acquisition request sent by the IPSec VPN gateway through the encrypted tunnel, and processes the encrypted device data acquisition request. Decrypt to obtain the device data acquisition request, verify the device data acquisition request, and if the verification passes, send the device data acquisition request to the smart device.
  • This disclosure adopts effective security protection measures for the communication between the monitoring platform and smart devices, prevents the data collected by smart home devices from being stolen and tampered with, improves the security of data interaction between the monitoring platform and smart devices, and protects users' information security.
  • the smart device After sending the device data acquisition request to the smart device, the smart device will return the device data to the IPSec VPN device. At this time, the IPSec VPN device also needs to perform some security processing before sending the device data to the IPSec VPN gateway.
  • the method may further include the following steps S35 to S38.
  • step S35 the device data sent by the smart device is received.
  • step S36 the device data is verified.
  • step S37 in response to the verification passing, the device data is encrypted.
  • step S38 the encrypted device data is sent to the IPSec VPN gateway through an encrypted tunnel, so that the IPSec VPN gateway can send the device data to the monitoring platform.
  • verifying the device data acquisition request includes: verifying whether the source address carried in the device data acquisition request is the IP address of the monitoring platform and whether the destination address is the IP address of the smart device ;
  • the verification of the device data includes: verifying whether the source address carried in the device data is the IP address of the smart device and whether the destination address is the IP address of the monitoring platform.
  • decrypting the encrypted device data acquisition request and encrypting the device data are both performed according to a preset session key.
  • the method may further include the following steps S41 to S44.
  • step S41 a certificate request is sent to the certificate system.
  • step S42 receive the certificate file sent by the certificate system, where the certificate file carries the session key.
  • step S43 establish an IP network connection between the IPSec VPN device and the IPSec VPN gateway according to the certificate file.
  • step S44 an encrypted tunnel between the IPSec VPN device and the IPSec VPN gateway is established, and a protection policy is configured for the encrypted tunnel.
  • the IPSec VPN gateway can include a data packet receiving module, a data packet encryption module, a data packet decryption module, a data packet forwarding module, a verification module, a certificate request module, a certificate import module, a network configuration module, and a system Time setting module.
  • IPSec VPN equipment can include a data packet receiving module, a data packet encryption module, a data packet decryption module, a data packet forwarding module, a device data receiving module, a verification module, a certificate request module, a certificate import module, a network configuration module, and a system time setting module.
  • the system time setting module of IPSec VPN gateway and IPSec VPN device is configured to synchronize the system time calibration.
  • the certificate request modules of the IPSec VPN gateway and IPSec VPN device are respectively configured to send certificate requests to the certificate system, and the certificate import modules of the IPSec VPN gateway and IPSec VPN device are respectively configured to receive certificate files sent by the certificate system and import the certificate files.
  • the network configuration module of IPSec VPN gateway and IPSec VPN device is configured to establish an IP network connection between IPSec VPN gateway and IPSec VPN device based on the certificate file, establish an encrypted tunnel between IPSec VPN gateway and IPSec VPN device, and be an encrypted tunnel Configure protection policies.
  • the verification module of the IPSec VPN gateway When receiving a device data acquisition request sent by the monitoring platform, the verification module of the IPSec VPN gateway is configured to obtain the source address and destination address in the device data acquisition request, and compare the obtained source address and destination address with the protection policy of the encrypted tunnel. Match, verify whether the obtained source address is the IP address of the monitoring platform and whether the obtained destination address is the IP address of the smart device.
  • the packet encryption module of the IPSec VPN gateway is configured to encrypt the device data acquisition request according to the preset session key
  • the packet forwarding module of the IPSec VPN gateway is configured to pass the encrypted device through the encrypted tunnel.
  • the data retrieval request is sent to the IPSec VPN device associated with the destination address in the device data retrieval request.
  • the packet receiving module of the IPSec VPN device is configured to receive the encrypted device data acquisition request sent by the IPSec VPN gateway through the encrypted tunnel, and the packet decryption module of the IPSec VPN device is configured to process the encrypted device data based on the preset session key. Obtain the request and decrypt it to obtain the device data acquisition request.
  • the verification module of the IPSec VPN device is configured to obtain the source address and destination address in the device data acquisition request, and match the obtained source address and destination address with the protection policy of the encrypted tunnel. Verify whether the obtained source address is the IP address of the monitoring platform and whether the obtained destination address is the IP address of the smart device. When the verification is passed, the packet forwarding module of the IPSec VPN device is configured to forward the device data acquisition request to the smart device corresponding to the destination address in the device data acquisition request.
  • the smart device After receiving the device data acquisition request, the smart device returns the corresponding device data to the IPSec VPN device.
  • the source address carried in the device data is the IP address of the smart device, and the destination address carried is the IP address of the monitoring platform.
  • the device data receiving module of the IPSec VPN device is configured to receive device data returned by the smart device.
  • the verification module of the IPSec VPN device is configured to obtain the source address and destination address in the device data, and compare the obtained source address and destination address with the encrypted tunnel's Match the protection policies and verify whether the obtained source address is the IP address of the smart device and whether the obtained destination address is the IP address of the monitoring platform.
  • the packet encryption module of the IPSec VPN device is configured to encrypt the device data
  • the packet forwarding module of the IPSec VPN device is configured to send the encrypted device data to the IPSec VPN gateway through the encrypted tunnel.
  • the packet receiving module of the IPSec VPN gateway is configured to receive the encrypted device data sent by the IPSec VPN device through the encrypted tunnel.
  • the packet decrypting module of the IPSec VPN gateway is configured to decrypt the encrypted device data and obtain the device data.
  • IPSec VPN The verification module of the gateway is configured to obtain the source address and destination address in the device data, match the obtained source address and destination address with the protection policy of the encrypted tunnel, and verify whether the obtained source address is the IP address of the smart device and obtain Whether the destination address reached is the IP address of the monitoring platform. When the verification is passed, the packet forwarding module of the IPSec VPN gateway is configured to send device data to the monitoring platform.
  • the IPSec VPN gateway also has an external network interface that can communicate with external devices through the Internet and ensure the security of communication data based on the IP security protocol.
  • embodiments of the present disclosure also provide an electronic device, including: one or more processors; a storage device having one or more computer programs stored thereon; the one or more computer programs are controlled by the one or more processors; Execution by one or more processors causes the one or more processors to execute the data transmission method as described above.
  • embodiments of the present disclosure also provide a computer storage medium on which a computer program is stored, wherein the computer program is executed by a processor, causing the processor to perform the data transmission method as described above.
  • Such software may be distributed on computer-readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media).
  • computer storage media includes volatile and nonvolatile media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. removable, removable and non-removable media.
  • Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disk (DVD) or other optical disk storage, magnetic cassettes, tapes, disk storage or other magnetic storage devices, or may Any other medium used to store the desired information and that can be accessed by a computer.
  • communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism, and may include any information delivery media .
  • Example embodiments have been disclosed herein, and although specific terms are employed, they are used and should be interpreted in a general illustrative sense only and not for purpose of limitation. In some instances, it will be apparent to those skilled in the art that, unless expressly stated otherwise, features, characteristics, and/or elements described in connection with a particular embodiment may be used alone, or may be used with features, characteristics, and/or elements described in connection with other embodiments. and/or used in combination with components. Accordingly, it will be understood by those skilled in the art that various changes in form and details may be made without departing from the scope of the present disclosure as set forth in the appended claims.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

La présente divulgation est appliquée à une passerelle de réseau privé virtuel de sécurité de protocole Internet (VPN IPSec). L'invention concerne un procédé de transmission de données. Le procédé consiste à : recevoir une demande d'acquisition de données de dispositif envoyée par une plateforme de surveillance ; vérifier la demande d'acquisition de données de dispositif ; en réponse à la vérification réussie de la demande d'acquisition de données de dispositif, chiffrer la demande d'acquisition de données de dispositif ; et envoyer la demande d'acquisition de données de dispositif chiffrée à un dispositif VPN IPSec au moyen d'un tunnel chiffré, de telle sorte que le dispositif VPN IPSec envoie la demande d'acquisition de données de dispositif à un dispositif intelligent. La présente divulgation concerne en outre un dispositif électronique et un support d'enregistrement informatique.
PCT/CN2023/101493 2022-06-29 2023-06-20 Procédé de transmission de données, dispositif électronique et support d'enregistrement informatique Ceased WO2024001885A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210752450.0 2022-06-29
CN202210752450.0A CN117353959A (zh) 2022-06-29 2022-06-29 数据传输方法、电子设备及计算机存储介质

Publications (1)

Publication Number Publication Date
WO2024001885A1 true WO2024001885A1 (fr) 2024-01-04

Family

ID=89354495

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/101493 Ceased WO2024001885A1 (fr) 2022-06-29 2023-06-20 Procédé de transmission de données, dispositif électronique et support d'enregistrement informatique

Country Status (2)

Country Link
CN (1) CN117353959A (fr)
WO (1) WO2024001885A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119363736A (zh) * 2024-10-25 2025-01-24 上海迅软信息科技有限公司 一种传输文件数据的方法、装置、系统及设备

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008039506A2 (fr) * 2006-09-27 2008-04-03 Cipheroptics, Inc. Deploiement de reseaux prives virtuels de groupe et de groupes de securite sur un reseau d'entreprise de bout en bout et cryptage ip pour rpv
JP2008199497A (ja) * 2007-02-15 2008-08-28 Nippon Telegr & Teleph Corp <Ntt> ゲートウェイ装置および認証処理方法
CN105376239A (zh) * 2015-11-25 2016-03-02 成都三零瑞通移动通信有限公司 一种支持移动终端进行IPSec VPN报文传输方法及装置
CN114143050A (zh) * 2021-11-23 2022-03-04 广东电网有限责任公司 一种视频数据加密系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008039506A2 (fr) * 2006-09-27 2008-04-03 Cipheroptics, Inc. Deploiement de reseaux prives virtuels de groupe et de groupes de securite sur un reseau d'entreprise de bout en bout et cryptage ip pour rpv
JP2008199497A (ja) * 2007-02-15 2008-08-28 Nippon Telegr & Teleph Corp <Ntt> ゲートウェイ装置および認証処理方法
CN105376239A (zh) * 2015-11-25 2016-03-02 成都三零瑞通移动通信有限公司 一种支持移动终端进行IPSec VPN报文传输方法及装置
CN114143050A (zh) * 2021-11-23 2022-03-04 广东电网有限责任公司 一种视频数据加密系统

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119363736A (zh) * 2024-10-25 2025-01-24 上海迅软信息科技有限公司 一种传输文件数据的方法、装置、系统及设备

Also Published As

Publication number Publication date
CN117353959A (zh) 2024-01-05

Similar Documents

Publication Publication Date Title
US20220255732A1 (en) Systems And Methods For Encrypted Content Management
CN110996318B (zh) 一种变电站智能巡检机器人安全通信接入系统
US10771262B2 (en) Providing forward secrecy in a terminating SSL/TLS connection proxy using ephemeral Diffie-Hellman key exchange
US9461975B2 (en) Method and system for traffic engineering in secured networks
EP3073668B1 (fr) Appareil et procédé permettant d&#39;authentifier des dispositifs de réseau
US8904178B2 (en) System and method for secure remote access
CN101507228B (zh) 用于位于线缆网络中的装置的改善的认证
US10178181B2 (en) Interposer with security assistant key escrow
US20170201382A1 (en) Secure Endpoint Devices
CN113973000B (zh) 一种预共享密钥psk的处理方法及装置
US20150249639A1 (en) Method and devices for registering a client to a server
WO2023174143A1 (fr) Procédé de transmission de données, dispositif, support et produit
CN108712364B (zh) 一种sdn网络的安全防御系统及方法
WO2024001885A1 (fr) Procédé de transmission de données, dispositif électronique et support d&#39;enregistrement informatique
CN114143050B (zh) 一种视频数据加密系统
Khandkar et al. State of internet privacy and tales of ECH-TLS
WO2018172776A1 (fr) Transfert sécurisé de données entre des dispositifs de l&#39;internet des objets
Garimella et al. Secure Shell-Its significance in Networking (SSH)
WO2017024588A1 (fr) Procédé et appareil de traitement de service
Dudani Virtual Private Networks for Peer-to-Peer Infrastructures
JP2007324727A (ja) Ftp通信システム、ftp通信プログラム、ftpクライアント装置及びftpサーバ装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23830064

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 23830064

Country of ref document: EP

Kind code of ref document: A1