Nothing Special   »   [go: up one dir, main page]

CN115314238A - Cross-device, cross-network and cross-application authority control device - Google Patents

Cross-device, cross-network and cross-application authority control device Download PDF

Info

Publication number
CN115314238A
CN115314238A CN202210527421.4A CN202210527421A CN115314238A CN 115314238 A CN115314238 A CN 115314238A CN 202210527421 A CN202210527421 A CN 202210527421A CN 115314238 A CN115314238 A CN 115314238A
Authority
CN
China
Prior art keywords
cross
data
module
unit
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210527421.4A
Other languages
Chinese (zh)
Inventor
兰图
郑长松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Public Security Research Center
Chengdu Shenpo Data Co ltd
Original Assignee
Sichuan Public Security Research Center
Chengdu Shenpo Data Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Public Security Research Center, Chengdu Shenpo Data Co ltd filed Critical Sichuan Public Security Research Center
Priority to CN202210527421.4A priority Critical patent/CN115314238A/en
Publication of CN115314238A publication Critical patent/CN115314238A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data authority control and calling, in particular to a cross-device, cross-network and cross-application authority control device which comprises a device body, wherein a local storage module used for collecting and concentrating different data is erected in the device body, the downstream data of the local storage module is connected with a calling IO module, the upstream data of the local storage module is connected with an exchange module group, a plurality of data interfaces are arranged in the exchange module group, and the local storage module and the calling IO module can effectively perform authority authentication operation of cross-platform services and other services.

Description

Cross-device, cross-network and cross-application authority control device
Technical Field
The invention relates to the technical field of data authority control and calling, in particular to a cross-device, cross-network and cross-application authority control device.
Background
The statements in this section merely provide background information related to the present disclosure and may not constitute prior art.
The authority management means that according to a security rule or a security policy set by a system, a user can access and only can access authorized resources, an authorization result is accurate, the authorization result is guided to be unique, meanwhile, the authority management is almost in any system, the system with the user and a password can call writing to perform related execution operation, cross-platform, cross-equipment, cross-service and other operations can be performed frequently, but because different processing environments are involved, manual auxiliary contact is required frequently to be performed, and the services are matched, so that the problems of service disjointing or untimely information conduction can occur frequently in the service processing process.
In the prior art, wireless or wired data transmission can be carried out by building each service independent system, redundancy of data and data repeated thread conduction can occur in the data transmission process, and untimely or deviated information transmission can occur after long-term accumulation.
Disclosure of Invention
The inventor discovers through research that: in combination with the technology disclosed at present, the control of the data authority still depends on different processing platforms, various corresponding transmission protocols are established on the different processing platforms, and then data transmission is performed in a number-checking mode.
The utility model aims to provide a cross-device, cross-network, cross-application authority control device through erect local storage module in the device body and have the IO module of transferring at body storage module downstream data connection, can effectively solve prior art and cross platform, cross the technical problem that multiple authentication permission need be carried out in the acquisition of data authority between multiple different processing environments such as application.
According to one aspect of the disclosure, a cross-device, cross-network and cross-application permission control device is provided, and the device comprises a device body, wherein an insulating partition material is laid on the surface of the device body, a local storage module used for different data gathering and concentration is erected in the device body, the downstream data of the local storage module is connected with a calling IO module used for different instructions and data allocation, the calling IO module and the body storage module are combined to perform calling processing of data input and output data, the upstream data of the local storage module is connected with a switching module group used for external data access and output, and a plurality of data interfaces are arranged in the switching module group.
This openly has set up local storage module and has called the IO module, and local storage module can prestore the business permission commonly used, can write into preferentially or save the help information between the different functional departments, cooperation information and the cooperation information between the different posts, also can save pre-arranged high in the clouds data simultaneously.
In some embodiments of the present disclosure, a package assembly module and a decapsulation module connected to the package assembly module are disposed in the local storage module, and the package assembly module and the decapsulation module jointly act on invocation and decapsulation of a known data package.
In some embodiments of the present disclosure, a plurality of parallel thread groups are connected outside the decapsulation module, a plurality of transmission channels for data classification transmission are integrated in each parallel thread group, each transmission channel can transmit data with a size of 0bit to 1600bit instantaneously, where bit represents a bit number.
In some embodiments of the present disclosure, a request unit, an authority unit, and a review unit of data communication are provided in the call IO module, and the request unit, the authority unit, and the review unit are provided in parallel in the call IO module.
In some embodiments of the present disclosure, a cache unit is further disposed in the call IO module, and a plurality of receiving lines for data transmission are uniformly distributed in the cache unit.
In some embodiments of the present disclosure, the request unit cooperates with the permission unit to intercept and prejudge data in a service system, where the service system includes multiple terminals, and each terminal includes at least one service.
In some embodiments of the present disclosure, a data reflow unit is disposed in the review unit, and the data reflow unit is configured to reflow at least one item of data information to review the content of the data information.
In some embodiments of the present disclosure, an android package group and an IOS package group are provided in the package set module, and service data packages are pre-stored in both the android package group and the IOS package group, where the service data packages include at least one service data program.
In some embodiments of the present disclosure, a data connection in the decapsulation module has an encapsulation unit and a decapsulation unit, and a session layer, a presentation layer, and an application layer are sequentially arranged in the encapsulation unit from bottom to top; the decapsulation unit is sequentially provided with a physical layer, a data link layer, a network layer and a transmission layer from bottom to top.
In some embodiments of the present disclosure, a data conversion interface is further disposed in the exchange module group, and the conversion interface is configured to convert different input data types.
Compared with the prior art, the method has the following advantages and beneficial effects: according to the method, the local storage and the calling IO module are arranged, authority authentication operation of cross-platform services and other services can be effectively carried out, after one-time authentication is carried out, after the authority authentication operation is recorded into the database, when relevant similar authority authentication is subsequently carried out, manual cooperation verification is not needed, calling processing can be directly carried out, repeated data authority authentication processes are greatly reduced, and the authority authentication speed under cross-platform, cross-application and cross-network conditions is improved.
Drawings
FIG. 1 is a schematic diagram of the internal modules of the apparatus of the present invention.
Detailed Description
Referring to fig. 1, the present embodiment provides a cross-device, cross-network, and cross-application authorization control device, which is already in an actual test stage.
The inventor finds that in daily police work, workers as information workers often need to perform work of respectively coordinating and notifying tasks of all departments one by one after meeting an alarm, the work often has the problem of untimely information transmission, and the linking effect of subsequent tasks is reduced.
In the following paragraphs, the different aspects of the embodiments are defined in more detail. Aspects so defined may be combined with any other aspect or aspects unless clearly indicated to the contrary. In particular, any feature considered to be preferred or advantageous may be combined with one or more other features considered to be preferred or advantageous. The terms "first", "second", and the like in the present invention are merely for convenience of description to distinguish different constituent elements having the same name, and do not denote a sequential or primary-secondary relationship.
Example 1
The device body comprises a device body with an insulating spacer material laid on the surface, wherein the insulating spacer material is laid for the purpose of placing the device body in an insulating environment so as to ensure that the device body can be prevented from generating any electric field, magnetic field and current, and the specific examples are as follows: electrified factory buildings, motor rooms and other scenes; meanwhile, the insulating material can be: insulating paint and insulating glue; a fibrous article; rubber, plastic and articles thereof; glass, ceramic articles; mica, asbestos and products thereof, the preferred choice of this embodiment is insulating paint, can effectively carry out reasonable laying to arbitrary device shape. Then, a local storage module used for different data gathering centralization is erected in the device body, the local storage module can be understood as a data storage center, at least one implementation mode of the embodiment is local offline storage of data, certainly, the local offline storage can also be combined storage of a cloud and the local, according to the use scene of the disclosure, in the actual use process, coordination operation among multiple departments can be involved, and because each department has own equipment, network, independent application system and the like, the preferred implementation mode of the disclosure stores relevant protocols and permissions which are written in or read after the cloud and the local offline, and a calling database is formed. The downstream data of the local storage module is connected with a calling IO module used for allocating different instructions and data, wherein the calling IO module can be adaptively set to be multi-directional calling, multi-platform calling or multi-thread calling according to an actual operation scene, and a preferred implementation mode is that the specific processes of the multi-platform calling and the calling are as follows: GRPC (lightweight communication protocol) and REST (resource representation form) protocols are written in the call IO module in advance, and through the combination of the functions of the GRPC and the REST protocols, the call processing of the occurred behaviors is completed, which helps to reduce the cost of repeated service operation instructions to the minimum in the special service environment of the present disclosure. Then, the call IO module and the local storage module jointly perform call processing on the number input and output data, the joint processing includes common processing in the same time period and continuous matching processing of successive time points. The upstream data of the local storage module is connected with an exchange module group for external data access and output, a plurality of data interfaces are arranged in the exchange module group, the number of the data interfaces is determined according to external use conditions and can be 2 or 3, and the preferred selection of the embodiment is 3, and the data interfaces correspond to applications, equipment and networks respectively; furthermore, the type of the data interface can be mini-HDMI, micro-HDMI, mini-USB, micro-USB, DP interface, DVI interface and VGA interface.
Example 2
In this embodiment, only different contents from those in embodiment 1 are described, a packet aggregation module and a decapsulation module are arranged in the local storage module, the packet aggregation module and the decapsulation module jointly act on the calling and decapsulating of the known data packet, a plurality of parallel thread groups are connected outside the decapsulation module, a plurality of transmission channels for classified transmission of data are integrated in each parallel thread group, each transmission channel can transmit data with a size of 0bit to 1600bit instantaneously, where bit represents a bit number.
The system comprises a program package collection module, a service data package, a decapsulation module and a service data package, wherein an android program package group and an IOS program package group are arranged in the program package collection module, service data program packages are pre-stored in the android program package group and the IOS program package group, at least one service data program is included in the service data program packages, a packaging unit and a decapsulation unit are connected in a data mode in the decapsulation module, and a session layer, a presentation layer and an application layer are sequentially arranged in the packaging unit from bottom to top; the decapsulation unit is sequentially provided with a physical layer, a data link layer, a network layer and a transport layer from bottom to top. The specific decapsulation process in this embodiment is: according to the prior art disclosed at present, decapsulation generally performs seven layers of communication protocols in a computer network, wherein a physical layer, a data link layer, a network layer and a transport layer complete data transmission services, a session layer, a presentation layer and an application layer face service users, data is transmitted through the network, the data needs to be transmitted layer by layer, if a host needs to transmit data to another host, a corresponding header is added to each layer of protocol, the process is called encapsulation.
Example 3
This embodiment only records the content different from embodiment 1, the request unit of being provided with data UNICOM in the call IO module, authority unit and review unit, the request unit, authority unit and review unit parallel arrangement are in calling the IO module, the request unit cooperation authority unit intercepts and predetermines the data in the business system, the business system is a plurality of terminals, every terminal includes at least one item of business, wherein the data interception adopts preset interception rule, intercept useless, data such as nothing record, the data after the interception can further carry out storage process, when meetting the same data next time, can in time call, wherein the whole thinking of interception method is: creating a service object, creating a corresponding service function, calling a this.walk method after creating the corresponding service function, traversing each attribute in the object, adding Getter and Setter to each attribute to perform data interception, wherein the this.walk method is the prior art and is not described in detail herein. And then, a data reflux unit is arranged in the reinspection unit and is used for carrying out reflux processing on at least one item of data information, wherein data reflux refers to carrying out reverse transmission on data and carrying out matching on attributes such as protocols and the like again, so that the success rate of the business permission taking effect and the contents of the reinspection data information are ensured.
Example 4
In this embodiment, only the content different from that in embodiment 1 is described, a cache unit is further disposed in the calling IO module, and a plurality of receiving lines for data transmission are uniformly distributed in the cache unit, where the number of the receiving lines may be 2 or 3, and the number of the receiving lines in this embodiment is preferably 3, which is specifically determined according to an operation scenario.
Example 5
The exchange module group is also internally provided with a data conversion interface, the conversion interface is used for converting different input data types, the data types comprise integers, floating point numbers and the like, the integers, the floating point numbers and the like can be obtained after conversion, and the conversion interface is arranged to ensure that the data diversification in different services can be more comprehensively adapted, so that the adaptability is improved.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (10)

1. The cross-equipment, cross-network and cross-application authority control device is characterized by comprising a device body, wherein an insulating partition material is laid on the surface of the device body, a local storage module used for collecting and concentrating different data is erected in the device body, the downstream data of the local storage module is connected with a calling IO module used for allocating different instructions and data, the calling IO module and the device body storage module are combined to carry out calling processing on data input and data output, the upstream data of the local storage module is connected with a switching module group used for accessing and outputting external data, and a plurality of data interfaces are arranged in the switching module group.
2. The cross-device, cross-network, and cross-application permission control device according to claim 1, wherein a package aggregation module and a decapsulation module for data connection with the package aggregation module are disposed in the local storage module, and the package aggregation module and the decapsulation module jointly act on invocation and decapsulation of known data packages.
3. The cross-device, cross-network and cross-application permission control device according to claim 2, wherein a plurality of parallel thread groups are externally connected to the decapsulation module, a plurality of transmission channels for classified transmission of data are integrated in each parallel thread group, and each transmission channel can instantaneously transmit data with a size of 0bit to 1600 bits, where bits represent bits.
4. The cross-device, cross-network and cross-application permission control device according to claim 1, wherein a request unit, a permission unit and a review unit for data communication are arranged in the call IO module, and the request unit, the permission unit and the review unit are arranged in the call IO module in parallel.
5. The cross-device, cross-network and cross-application permission control device according to claim 1, wherein a cache unit is further disposed in the call IO module, and a plurality of receiving lines for data transmission are uniformly distributed in the cache unit.
6. The cross-device, cross-network, and cross-application permission control device according to claim 4, wherein the request unit cooperates with the permission unit to intercept and pre-judge data in a service system, the service system is a plurality of terminals, and each terminal includes at least one service.
7. The cross-device, cross-network and cross-application permission control device according to claim 4, wherein a data reflow unit is disposed in the review unit, and the data reflow unit is configured to reflow at least one item of data information and review content of the data information.
8. The cross-device, cross-network and cross-application permission control device according to claim 2, wherein an android package group and an IOS package group are provided in the package collection module, and service data packages are pre-stored in both the android package group and the IOS package group, wherein the service data packages include at least one service data program therein.
9. The cross-device, cross-network and cross-application authority control device according to claim 2, wherein a packaging unit and a decapsulating unit are connected to data in the decapsulating module, and a session layer, a presentation layer and an application layer are sequentially arranged in the packaging unit from bottom to top; the decapsulation unit is sequentially provided with a physical layer, a data link layer, a network layer and a transmission layer from bottom to top.
10. The cross-device, cross-network, and cross-application permission control device according to claim 1, wherein a data conversion interface is further disposed in the exchange module group, and the conversion interface is used for converting different input data types.
CN202210527421.4A 2022-05-16 2022-05-16 Cross-device, cross-network and cross-application authority control device Pending CN115314238A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210527421.4A CN115314238A (en) 2022-05-16 2022-05-16 Cross-device, cross-network and cross-application authority control device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210527421.4A CN115314238A (en) 2022-05-16 2022-05-16 Cross-device, cross-network and cross-application authority control device

Publications (1)

Publication Number Publication Date
CN115314238A true CN115314238A (en) 2022-11-08

Family

ID=83854469

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210527421.4A Pending CN115314238A (en) 2022-05-16 2022-05-16 Cross-device, cross-network and cross-application authority control device

Country Status (1)

Country Link
CN (1) CN115314238A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115834584A (en) * 2022-11-23 2023-03-21 重庆紫光华山智安科技有限公司 Cross-network data transmission method, device, equipment and medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115834584A (en) * 2022-11-23 2023-03-21 重庆紫光华山智安科技有限公司 Cross-network data transmission method, device, equipment and medium
CN115834584B (en) * 2022-11-23 2024-05-24 重庆紫光华山智安科技有限公司 Cross-network data transmission method, device, equipment and medium

Similar Documents

Publication Publication Date Title
CN103078921B (en) A kind of transmission, the method and device of reception message
CN104038505A (en) Method and device for preventing IPSec (internet protocol security) replaying
CN104519129A (en) Data transmission method, device and system
CN115314238A (en) Cross-device, cross-network and cross-application authority control device
CN117319525A (en) Substation heterogeneous data fusion method and system based on CMS and MMS
CN103973874A (en) Device associating method and device
Huang et al. Design of gateway for monitoring system in IoT networks
CN105430665B (en) Realize the method and system of more net mixing scale networkings
CN105302664B (en) A kind of storage snapshot management method and system
CN104951417A (en) Method for achieving USB combined device suitable for high-capacity USIM
CN107508912A (en) Industrial Internet of things system and method based on data cloud platform
EP3849144A2 (en) Network architecture with fixed routing
CN111880769B (en) Abstract description method suitable for Internet of things application system interface and application thereof
Oh et al. CORBA based core middleware architecture supporting seamless interoperability between standard home network middlewares
CN103118023B (en) A kind of method and system of the data of transmission specification in a network
CN101963904A (en) Wireless network-based middleware system
CN107483275A (en) Configure the method, apparatus and system of wireless routing
CN114143144A (en) Distributed gateway-based micro-service calling method and device and related equipment
CN102110074A (en) Multi-core processor and flow classification control device and method thereof
CN207304622U (en) Industrial Internet of things system based on data cloud platform
Kornblum Protocol implementation and other performance issues for local and metropolitan area networks
CN106101205B (en) Transparent transmission cloud system for transparent transmission of remote data and transparent transmission method thereof
CN104202437A (en) System and method for realizing management of diversified data center
CN110839140B (en) Method and device for generating monitoring directory
CN113115346A (en) Gateway multi-protocol conversion device based on 5G and method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication