Abstract: The present invention provides a secure communication method and apparatus. A security proxy device is arranged between a client and a server. The method comprises: the security proxy device using a key exchange mechanism to perform connection key agreement with the client; and assigning a token for the client after identity authentication for the client succeeds; upon receiving a request sent by the client to the server, validating whether the token sent together with the request is a token assigned for the client; if the validation succeeds, forwarding to the server a request obtained by using the connection key or a token connection key to decrypt the request, wherein the token connection key is assigned for the client and then sent to the client by using the connection key; after receiving a response returned by the server, using the connection key or token connection key to encrypt the response, and forwarding the encrypted response to the client.

Abstract: The present invention provides a secure communication method and apparatus. A security proxy device is arranged between a client and a server; after receiving data returned by the server to the client, the security proxy device assigns a token to the client, and sends the token, the data returned by the server to the client and an execution module to the client; receives a request which the execution module running at the client uses the token to send, verifies the token, and forwards the request to the server if the validation succeeds. The present invention improves security of communication between the client and the server, and can protect the server from various automated attacks.

Abstract: The present invention provides a secure communication method and apparatus. A security proxy device is arranged between a client and a server. The method comprises: the security proxy device using a key exchange mechanism to perform connection key agreement with the client; and assigning a token for the client after identity authentication for the client succeeds; upon receiving a request sent by the client to the server, validating whether the token sent together with the request is a token assigned for the client; if the validation succeeds, forwarding to the server a request obtained by using the connection key or a token connection key to decrypt the request, wherein the token connection key is assigned for the client and then sent to the client by using the connection key; after receiving a response returned by the server, using the connection key or token connection key to encrypt the response, and forwarding the encrypted response to the client.