Nothing Special   »   [go: up one dir, main page]

CN110968897A - Routing forwarding based on nginx and vx-api-gatway - Google Patents

Routing forwarding based on nginx and vx-api-gatway Download PDF

Info

Publication number
CN110968897A
CN110968897A CN201911384159.7A CN201911384159A CN110968897A CN 110968897 A CN110968897 A CN 110968897A CN 201911384159 A CN201911384159 A CN 201911384159A CN 110968897 A CN110968897 A CN 110968897A
Authority
CN
China
Prior art keywords
detection
data
grade
query
feedback
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911384159.7A
Other languages
Chinese (zh)
Inventor
聂少臣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Liaoning Zhenxing Bank Co Ltd
Original Assignee
Liaoning Zhenxing Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Liaoning Zhenxing Bank Co Ltd filed Critical Liaoning Zhenxing Bank Co Ltd
Priority to CN201911384159.7A priority Critical patent/CN110968897A/en
Publication of CN110968897A publication Critical patent/CN110968897A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Automation & Control Theory (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention belongs to the technical field of micro-services, and particularly relates to a method for realizing routing forwarding based on nginx and vx-api-gatway, which comprises a request end, a receiving end, a central processor and a feedback end, wherein the request end is in signal connection with the receiving end, the receiving end is in signal connection with the central processor, and the central processor is in signal connection with the feedback end; according to the invention, through setting the anomaly detection, when malicious query occurs, data can be intercepted under the action of the anomaly detection, and feedback is carried out through the feedback end, when illegal query occurs, data can be intercepted under the action of the anomaly detection, and feedback is carried out through the feedback end, when privacy query occurs, data can be intercepted under the action of the anomaly detection, and feedback is carried out through the feedback end, so that the safety of the invention is enhanced under the action of the anomaly detection.

Description

Routing forwarding based on nginx and vx-api-gatway
Technical Field
The invention belongs to the technical field of micro services, and particularly relates to a method for realizing route forwarding based on nginx and vx-api-gatway.
Background
At present, with the popularity of micro-service architecture, distributed application is more and more extensive, and many complex systems are split into micro-service forms for deployment, so that great hidden dangers exist in the complexity and safety of calling between micro-services and between systems, but the current micro-service retrieval information is not comprehensive, and the accuracy of information sources cannot be effectively prevented.
Disclosure of Invention
To solve the problems set forth in the background art described above. The invention provides a method for realizing route forwarding based on nginx and vx-api-gatway, which has the characteristic of good safety performance.
In order to achieve the purpose, the invention provides the following technical scheme: a routing forwarding is realized based on nginx and vx-api-gatway, and the method comprises a request end, a receiving end, a central processor and a feedback end, wherein the request end is in signal connection with the receiving end, the receiving end is in signal connection with the central processor, and the central processor is in signal connection with the feedback end, and the method comprises the following steps:
the method comprises the following steps: a user inquires through a request terminal;
step two: the request end transmits the data to the receiving end;
step three: the receiving end transmits the received data to the central processor;
step four: the central processor feeds back the inquired structure through the feedback end.
Preferably, the central processor includes an anomaly detection unit, a list detection unit, a level detection unit, and a database, the anomaly detection unit is electrically connected to the list detection unit, the list detection unit is electrically connected to the level detection unit, the level detection unit is electrically connected to the database, and the central processor detection method includes the following steps:
the method comprises the following steps: the central processor transmits the received data to the abnormity detection for detection;
step two: the abnormal detection transmits the data without abnormality to the list detection, and feeds back the data with abnormality;
step three: the list detection transmits the detected different data to the grade detection, or directly carries out the grade inquiry;
step four: and the grade detection carries out data query of different grades on the detected grades in the database respectively.
Preferably, the anomaly detection includes malicious query, illegal query and privacy query, the anomaly detection is electrically connected to the malicious query, the anomaly detection is electrically connected to the illegal query, the anomaly detection is electrically connected to the privacy query, and the detection method includes the following steps:
the method comprises the following steps: the abnormal detection firstly carries out malicious query on the data, and if the data has malicious search, the data is directly transmitted to a feedback end for feedback;
step two: carrying out illegal query on the data during the abnormal detection, and directly transmitting the data to a feedback end for feedback if illegal search exists;
step three: the data is subjected to privacy inquiry while the abnormality is detected, and if the data has the inquiry privacy, the data is directly transmitted to a feedback end for feedback;
step four: the anomaly detection passes data without anomalies to the roster detection.
Preferably, the list detection includes a black list and a white list, the list detection is electrically connected to the black list, and the list detection is electrically connected to the white list, and the detection method includes the following steps:
the method comprises the following steps: the method comprises the steps that blacklist detection is conducted on data, and if the detected data are blacklisted, the blacklist detection directly feeds back the detected data through a feedback end;
step two: the method comprises the following steps of detecting a list and simultaneously carrying out white list detection on data, and if the detected data is white, directly carrying out corresponding grade query on the detected data by the list detection;
step three: the roster detection passes the detected data to the level detection.
Preferably, the level detection includes a highest level, a middle level and a normal level, the level detection is electrically connected to the highest level, the level detection is electrically connected to the middle level, and the level detection is electrically connected to the normal level:
the method comprises the following steps: the grade detection firstly carries out highest grade query on the data, and if the highest grade is adopted, corresponding data is directly extracted from the database;
step two: carrying out grade detection and intermediate grade query on the data, and directly extracting corresponding data in the database if the data is the intermediate grade;
step three: carrying out grade detection and ordinary grade query on the data, and directly extracting corresponding data from the database if the data is ordinary grade;
step four: the database transmits the corresponding data to the feedback end for direct feedback.
Compared with the prior art, the invention has the beneficial effects that:
1. according to the invention, through setting the anomaly detection, when malicious query occurs, data can be intercepted under the action of the anomaly detection, and feedback is carried out through the feedback end, when illegal query occurs, data can be intercepted under the action of the anomaly detection, and feedback is carried out through the feedback end, when privacy query occurs, data can be intercepted under the action of the anomaly detection, and feedback is carried out through the feedback end, so that the safety of the invention is enhanced under the action of the anomaly detection.
2. According to the invention, through setting the list detection, when the detected data is a blacklist, interception is directly carried out, meanwhile, feedback is carried out through the feedback end, when the detected data is a white list, corresponding grade query can be directly carried out, and under the action of the list detection, the safety of the invention can be further enhanced.
3. According to the invention, through setting the grade detection, when the detected data is the highest grade, corresponding data extraction is directly carried out in the database, when the detected data is the middle grade, corresponding data extraction is directly carried out in the database, when the detected data is the common grade, corresponding data extraction is directly carried out in the database, and under the action of the grade detection, the efficiency of the invention is improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic diagram of the flow chart of the present invention;
FIG. 2 is a schematic diagram of the CPU of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
Referring to fig. 1-2, the present invention provides the following technical solutions: a routing forwarding is realized based on nginx and vx-api-gatway, and the method comprises a request end, a receiving end, a central processor and a feedback end, wherein the request end is in signal connection with the receiving end, the receiving end is in signal connection with the central processor, and the central processor is in signal connection with the feedback end, and the method comprises the following steps:
the method comprises the following steps: a user inquires through a request terminal;
step two: the request end transmits the data to the receiving end;
step three: the receiving end transmits the received data to the central processor;
step four: the central processor feeds back the inquired structure through the feedback end.
Specifically, the central processor comprises an anomaly detection unit, a list detection unit, a grade detection unit and a database, wherein the anomaly detection unit is electrically connected with the list detection unit, the list detection unit is electrically connected with the grade detection unit, the grade detection unit is electrically connected with the database, and the central processor detection method comprises the following steps:
the method comprises the following steps: the central processor transmits the received data to the abnormity detection for detection;
step two: the abnormal detection transmits the data without abnormality to the list detection, and feeds back the data with abnormality;
step three: the list detection transmits the detected different data to the grade detection, or directly carries out the grade inquiry;
step four: and the grade detection carries out data query of different grades on the detected grades in the database respectively.
Specifically, the anomaly detection includes malicious query, illegal query and privacy query, the anomaly detection is electrically connected with the malicious query, the anomaly detection is electrically connected with the illegal query, by setting the anomaly detection, when the malicious query occurs, the data can be intercepted under the action of the anomaly detection, and simultaneously feedback is performed through the feedback end, when the illegal query occurs, the data can be intercepted under the action of the anomaly detection, and simultaneously feedback is performed through the feedback end, when the privacy query occurs, the data can be intercepted under the action of the anomaly detection, and simultaneously feedback is performed through the feedback end, and under the action of the anomaly detection, the safety of the invention is enhanced, and the detection method includes the following steps:
the method comprises the following steps: the abnormal detection firstly carries out malicious query on the data, and if the data has malicious search, the data is directly transmitted to a feedback end for feedback;
step two: carrying out illegal query on the data during the abnormal detection, and directly transmitting the data to a feedback end for feedback if illegal search exists;
step three: the data is subjected to privacy inquiry while the abnormality is detected, and if the data has the inquiry privacy, the data is directly transmitted to a feedback end for feedback;
step four: the anomaly detection passes data without anomalies to the roster detection.
Specifically, the list detection includes a blacklist and a white list, the list detection is electrically connected with the blacklist, the list detection is electrically connected with the white list, through setting the list detection, when the detected data is the blacklist, interception is directly performed, meanwhile, feedback is performed through a feedback end, when the detected data is the white list, corresponding grade query can be directly performed, and under the action of the list detection, the safety of the invention can be further enhanced, and the detection method includes the following steps:
the method comprises the following steps: the method comprises the steps that blacklist detection is conducted on data, and if the detected data are blacklisted, the blacklist detection directly feeds back the detected data through a feedback end;
step two: the method comprises the following steps of detecting a list and simultaneously carrying out white list detection on data, and if the detected data is white, directly carrying out corresponding grade query on the detected data by the list detection;
step three: the roster detection passes the detected data to the level detection.
Specifically, the level detection comprises a highest level, a middle level and a common level, the level detection is electrically connected with the highest level, the level detection is electrically connected with the middle level, corresponding data extraction is directly performed in the database when the detected data is the highest level by setting the level detection, corresponding data extraction is directly performed in the database when the detected data is the middle level, corresponding data extraction is directly performed in the database when the detected data is the common level, and the efficiency of the invention is improved under the action of the level detection, wherein the level detection is electrically connected with the common level:
the method comprises the following steps: the grade detection firstly carries out highest grade query on the data, and if the highest grade is adopted, corresponding data is directly extracted from the database;
step two: carrying out grade detection and intermediate grade query on the data, and directly extracting corresponding data in the database if the data is the intermediate grade;
step three: carrying out grade detection and ordinary grade query on the data, and directly extracting corresponding data from the database if the data is ordinary grade;
step four: the database transmits the corresponding data to the feedback end for direct feedback.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (5)

1. A route forwarding is realized based on nginx and vx-api-gatway, including request end, receiving terminal, central processing unit and feedback end, characterized by that: the method comprises the following steps that:
the method comprises the following steps: a user inquires through a request terminal;
step two: the request end transmits the data to the receiving end;
step three: the receiving end transmits the received data to the central processor;
step four: the central processor feeds back the inquired structure through the feedback end.
2. The method of claim 1, wherein the routing forwarding is implemented based on nginx and vx-api-gatway, and wherein: the central processor comprises an anomaly detection unit, a list detection unit, a grade detection unit and a database, wherein the anomaly detection unit is electrically connected with the list detection unit, the list detection unit is electrically connected with the grade detection unit, the grade detection unit is electrically connected with the database, and the central processor detection method comprises the following steps:
the method comprises the following steps: the central processor transmits the received data to the abnormity detection for detection;
step two: the abnormal detection transmits the data without abnormality to the list detection, and feeds back the data with abnormality;
step three: the list detection transmits the detected different data to the grade detection, or directly carries out the grade inquiry;
step four: and the grade detection carries out data query of different grades on the detected grades in the database respectively.
3. The method of claim 1, wherein the routing forwarding is implemented based on nginx and vx-api-gatway, and wherein: the anomaly detection comprises malicious query, illegal query and privacy query, the anomaly detection is electrically connected with the malicious query, the anomaly detection is electrically connected with the illegal query, the anomaly detection is electrically connected with the privacy query, and the detection method comprises the following steps
The method comprises the following steps: the abnormal detection firstly carries out malicious query on the data, and if the data has malicious search, the data is directly transmitted to a feedback end for feedback;
step two: carrying out illegal query on the data during the abnormal detection, and directly transmitting the data to a feedback end for feedback if illegal search exists;
step three: the data is subjected to privacy inquiry while the abnormality is detected, and if the data has the inquiry privacy, the data is directly transmitted to a feedback end for feedback;
step four: the anomaly detection passes data without anomalies to the roster detection.
4. The method of claim 1, wherein the routing forwarding is implemented based on nginx and vx-api-gatway, and wherein: the list detection comprises a blacklist and a white list, the list detection is electrically connected with the blacklist, the list detection is electrically connected with the white list, and the detection method comprises the following steps:
the method comprises the following steps: the method comprises the steps that blacklist detection is conducted on data, and if the detected data are blacklisted, the blacklist detection directly feeds back the detected data through a feedback end;
step two: the method comprises the following steps of detecting a list and simultaneously carrying out white list detection on data, and if the detected data is white, directly carrying out corresponding grade query on the detected data by the list detection;
step three: the roster detection passes the detected data to the level detection.
5. The method of claim 1, wherein the routing forwarding is implemented based on nginx and vx-api-gatway, and wherein: the grade detection comprises a highest grade, a middle grade and a common grade, the grade detection is electrically connected with the highest grade, the grade detection is electrically connected with the middle grade, and the grade detection is electrically connected with the common grade:
the method comprises the following steps: the grade detection firstly carries out highest grade query on the data, and if the highest grade is adopted, corresponding data is directly extracted from the database;
step two: carrying out grade detection and intermediate grade query on the data, and directly extracting corresponding data in the database if the data is the intermediate grade;
step three: carrying out grade detection and ordinary grade query on the data, and directly extracting corresponding data from the database if the data is ordinary grade;
step four: the database transmits the corresponding data to the feedback end for direct feedback.
CN201911384159.7A 2019-12-28 2019-12-28 Routing forwarding based on nginx and vx-api-gatway Pending CN110968897A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911384159.7A CN110968897A (en) 2019-12-28 2019-12-28 Routing forwarding based on nginx and vx-api-gatway

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911384159.7A CN110968897A (en) 2019-12-28 2019-12-28 Routing forwarding based on nginx and vx-api-gatway

Publications (1)

Publication Number Publication Date
CN110968897A true CN110968897A (en) 2020-04-07

Family

ID=70037065

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911384159.7A Pending CN110968897A (en) 2019-12-28 2019-12-28 Routing forwarding based on nginx and vx-api-gatway

Country Status (1)

Country Link
CN (1) CN110968897A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103248472A (en) * 2013-04-16 2013-08-14 华为技术有限公司 Operation request processing method and system and attack identification device
CN103795679A (en) * 2012-10-26 2014-05-14 珠海市君天电子科技有限公司 Rapid detection method and system for phishing website
CN105119915A (en) * 2015-08-14 2015-12-02 中国传媒大学 Malicious domain detection method and device based on intelligence analysis
CN110334548A (en) * 2019-07-16 2019-10-15 桂林电子科技大学 A kind of data exception detection method based on difference privacy

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103795679A (en) * 2012-10-26 2014-05-14 珠海市君天电子科技有限公司 Rapid detection method and system for phishing website
CN103248472A (en) * 2013-04-16 2013-08-14 华为技术有限公司 Operation request processing method and system and attack identification device
CN105119915A (en) * 2015-08-14 2015-12-02 中国传媒大学 Malicious domain detection method and device based on intelligence analysis
CN110334548A (en) * 2019-07-16 2019-10-15 桂林电子科技大学 A kind of data exception detection method based on difference privacy

Similar Documents

Publication Publication Date Title
AU2012282792B2 (en) Syntactical fingerprinting
CN112019575B (en) Data packet processing method and device, computer equipment and storage medium
CN104462509A (en) Review spam detection method and device
EP1976153B1 (en) Communication link interception using link fingerprint analysis
CN103763690A (en) Method and device for sending short messages to mobile terminal from detection fake base station
CN104244254A (en) Method and device for detecting pseudo base station based on short message center number
CN101626368A (en) Device, method and system for preventing web page from being distorted
JP7049087B2 (en) Technology to detect suspicious electronic messages
CN106899948B (en) Pseudo base station discovery method, system, terminal and server
CN103391520B (en) A kind ofly tackle the malice method of note, terminal, server and system
CN101860822A (en) Method and system for monitoring spam messages
CN111147489B (en) Link camouflage-oriented fishfork attack mail discovery method and device
CN103546449A (en) E-mail virus detection method and device based on attachment formats
CN106998554B (en) Pseudo base station identification method and device
CN114339767B (en) Signaling detection method and device, electronic equipment and storage medium
CN102932753A (en) Method for intercepting spam multimedia message on link of multimedia system
CN110968897A (en) Routing forwarding based on nginx and vx-api-gatway
US20160189160A1 (en) System and method for deanonymization of digital currency users
CN105933217A (en) Message synchronization method and platform, network server and adaptive server
CN101494570A (en) Distributed concealed type insect hole detection method based on neighbourhood
US10762238B2 (en) Ascertaining network devices used with anonymous identifiers
CN105205390A (en) Security check system and security check method of mobile terminal
CN103001848B (en) Rubbish mail filtering method and device
CN111510415B (en) Method, device, equipment and storage medium for sharing and identifying blacklist number
CN106713285A (en) Website link security verification method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200407