CN101216874A - A cross-platform multi-channel data monitoring method - Google Patents
A cross-platform multi-channel data monitoring method Download PDFInfo
- Publication number
- CN101216874A CN101216874A CNA2008100452060A CN200810045206A CN101216874A CN 101216874 A CN101216874 A CN 101216874A CN A2008100452060 A CNA2008100452060 A CN A2008100452060A CN 200810045206 A CN200810045206 A CN 200810045206A CN 101216874 A CN101216874 A CN 101216874A
- Authority
- CN
- China
- Prior art keywords
- data
- data record
- monitor data
- function
- intercepted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention proposes a cross-platform multi-channel data monitoring method, which pertains to the field of information safety. The invention packages a virtual drive procedure into an independent module to be operated between a file system and an equipment drive which are arranged in a core of an operating system, so as to realize the non-relevance with the specific file system and the equipment drive procedure, thereby enabling application in different operating systems. The invention supports Windows, Unix, Linux, Oracle, SQL Server, DB2, MySQL, Sybase and other mainstream operating systems and database platforms, and supports multi-channel parallel data monitoring tasks; the invention is characterized by cross-platform, high efficiency and high real-time performance, and can be widely applied in data mirroring, data backup, data disaster recovery and other fields with broad application prospect.
Description
One, technical field
The present invention proposes a kind of cross-platform multi-channel data monitoring method, belong to information security field.
Two, background technology
Along with the continuous growth of network storage amount and people to the improving constantly of canned data security requirement, highly reliable data image, data disaster tolerance system etc. become the topic of people's growing interest.And the data monitoring technology is whole highly reliable data image, data disaster tolerance system key of success.The data monitoring method of comparative maturity mainly contains two kinds at present: 1) increase a new hardware and realize data monitoring, 2 on monitored device) utilize the file system of operating system to realize.Yet these two kinds of methods all have limitation separately in actual applications: its realization means or be closely related with the device object of monitoring, or closely related with the file system of operating system, so can not accomplish cross-platform data monitoring; And existing method synchronization generally only can be monitored a device object, can not realize multi-path monitoring.Also do not have a kind of method for supervising can accomplish across-platform monitoring at present, can accomplish multi-path monitoring again.
The Chinese patent publication number is that the application case of CN1352425 is a kind ofly to transform card and monitor operation to hard disk by increasing new hardware, and it only supports the IDE/ATA hard disk, and does not support multi-path monitoring.
The present invention proposes a kind of cross-platform multi-channel data monitoring method, have following characteristics:
1) cross-platform, support Windows, Unix, Linux and Oracle, SQL Server, DB2, mainstream operation system and database platforms such as MySQL, Sybase;
2) multichannel is supported the monitoring work of multidiameter delay task simultaneously;
3) real-time height can in time be intercepted and captured any to memory device I/O operation.
This method can be widely used in fields such as data image, data backup, data disaster tolerance, has broad application prospects.
Three, summary of the invention
The present invention proposes a kind of cross-platform multi-channel data monitoring method.This method is utilized a virtual device driver, realizes cross-platform multi-channel data monitoring.This virtual device driver is packaged into an independently module, run between the file system and device driver in the operating system nucleus, realize with concrete file system and device driver irrelevant, thereby this method can be applied in the operating system of different platform, thereby realizes cross-platform data monitoring.Because this virtual device driver runs on the device driver, even if application program such as database application system etc. are not directly submitted the I/O request to device driver by file system, virtual device driver also can be intercepted and captured its I/O operation.Like this, virtual device driver can the capturing operation system to any I/O operation of all memory devices, realized cross-platform multi-channel data monitoring: as long as a plurality of device objects that will monitor join in the monitored object tabulation of virtual device driver, virtual device driver just can be intercepted and captured I/O operation and the related data thereof to these equipment.
This method at first loads virtual device driver, and virtual device driver submits to the function S UBMIT replacement operation original I/O of system to submit function to self-defining I/O.Then, virtual device driver capturing operation system is to the I/O operation of monitored server all devices object, having only when this I/O operates is write operation, and the device object of this write operation is one of multi-path monitoring device object of current setting, just copy the data of write operation, obtain intercepted data.After obtaining intercepted data, related application can send it to remote storage server, thereby realizes the remote backup work of data, and the security when guaranteeing data transmission needs therebetween to carried out work such as data encryption, digest calculations by intercepted data.
Before elaborating the present invention, do earlier as giving a definition:
(1) device object set T: define equipment object set T={ disk, disk partition or other addressable memory devices }, all memory devices of expression monitored server.
(2) device object t: define equipment object t, t ∈ T, the memory device on the expression monitored server is as disk, disk partition or other addressable memory devices.
(3) intercepted data data: definition intercepted data data={d|d ∈ 0,1}
l, l ∈ N}, wherein N is the nature manifold, data represents the write operation data of virtual device driver copy monitored device and the data that obtain.
(4) monitored object tabulation L: definition monitored object tabulation L={target|target ∈ T} needs the device object of monitoring on the expression server.Each device object t that is added into monitored object tabulation L promptly is called as monitored device object target, when in the monitored object tabulation a plurality of equipment being arranged, realizes multi-channel data monitoring.
(5) encryption function D: establishing data is intercepted data, and code represents the ciphertext after intercepted data data encrypts, and computing method are: and code=D (data, k), wherein D is an encryption function, can be DES, IDEA, AES etc., k is an encryption key.
(6) digest value computing function H: establish the digest value that h represents ciphertext, h=H (code) then, wherein H is an one-way hash function, can be MD5, SHA-1 etc.
(7) monitor data record R: definition monitor data record
R={<target, offset, code, h〉| target ∈ T, offset ∈ N, code ∈ 0,1}
l, h ∈ 0,1}
l, l ∈ N}, wherein target is the monitored device object, and offset is the position of intercepted data at target, and code is the ciphertext after intercepted data is encrypted, and h is the digest value of ciphertext, N is the nature manifold.
Four, description of drawings
Fig. 1 is architectural framework figure.
Fig. 2 is the step of initialization virtual device driver.
Fig. 3 is the step that data are intercepted and captured.
Fig. 4 is the step that intercepted data is packaged into the monitor data record.
Fig. 5 is the step of transmission and storage monitor data record.
Five, embodiment
Describe concrete grammar of the present invention in detail below in conjunction with accompanying drawing.
Fig. 1 is architectural framework figure.
Fig. 1 is an architectural framework of the present invention.As shown in the figure, the present invention is by virtual device driver, and the encapsulation intercepted data sends data recording, and four parts of storage data recording are formed.Virtual device driver is intercepted and captured the I/O operation, and the data of the write operation of copy monitored device object obtain intercepted data data; Encapsulation intercepted data module is packaged into monitor data record R with intercepted data data; The transmission data recordin module writes down R with monitor data and issues remote storage server, and is preserved by the remote storage server storage.
Virtual device driver is packaged into an independently module, run between the file system and device drives in the operating system nucleus, realize haveing nothing to do with concrete file system, device driver, thereby this method can be applied in the operating system of different platform, thereby realizes cross-platform data monitoring.Operating system all can be intercepted and captured by virtual driving any I/O operation of all memory devices, as long as a plurality of device objects are joined among the monitored object tabulation L of virtual device driver, can realize the monitoring work to multichannel data.
Virtual device driver capturing operation system is to the operation of all memory device I/O, have only when this operation be write operation and this apparatus operating to as if during the current device object of monitoring, just copy its write operation data, acquisition intercepted data data.Then intercepted data data is encrypted, processing such as digest value calculating, and these results are encapsulated among the monitor data record R.At last, remote storage server issued in the monitor data record, preserve by the remote storage server storage.Like this, virtual device driver has just realized simultaneously the device object of different platform server being carried out the work of multi-channel data monitoring.
Particularly, the step of the cross-platform multi-channel data monitoring method of the present invention's proposition may further comprise the steps:
1) step of initialization virtual device driver;
2) step of data intercepting and capturing;
3) intercepted data is packaged into the step that monitor data writes down;
4) step of transmission and storage monitor data record.
Fig. 2 is the step of initialization virtual device driver.
Fig. 2 has provided the concrete grammar of initialization virtual device driver.Virtual device driver is loaded in the kernel of operating system, submits to the function S UBMIT replacement operation original I/O of system to submit function to the self-defining I/O of virtual device driver then.Concrete steps are as follows:
1) is written into the step of virtual device driver: be about to virtual device driver and be loaded in the kernel of operating system.
2) I/O of replacement operation system submits the step of function to: self-defining I/O submits function to virtual device driver
The original I/O of SUBMIT replacement operation system submits the step of function to.Concrete steps are as follows:
1. obtain I/O and submit function address to: obtain the original I/O of operating system and submit function address to;
2. judge that I/O submits to function whether to work: judge whether this function is handling the I/O request, if be true, then mark time and waits for a time interval, continues 2. then, otherwise next step;
3. submit to function S UBMIT to replace former I/O with I/O and submit function to: submit to the function S UBMIT replacement operation original I/O of system to submit function to I/O.
Fig. 3 is the step that data are intercepted and captured.
Fig. 3 has provided the concrete grammar that data are intercepted and captured.Initialization multi-path monitoring object at first joins all devices object t of needs monitoring among the monitored object tabulation L.Then begin to intercept and capture the I/O operation, but only copy the data of the write request of monitored device object.Concrete steps are as follows:
1) step of initialization multi-path monitoring object: go among all devices object t adding monitored object tabulation L that is about to need to monitor, when among the monitored object tabulation L a plurality of equipment being arranged, promptly realize multi-channel data monitoring to same station server.
2) step of intercepting and capturing I/O request msg: submit intercepting and capturing I/O operation among the function S UBMIT at I/O, only copy the data of the write request of monitored device object, obtain intercepted data data.Concrete steps are as follows:
1. intercept and capture the I/O request: all I/O requests that the capturing operation system is submitted to, promptly intercept and capture the I/O operation;
2. judge whether it is write request: judge whether this request is write request, if be true, then 6. next step otherwise change;
3. judge whether this device object monitored: judge this device object t whether in monitored object tabulation L, if be true, then next step, otherwise commentaries on classics is 6.;
4. copy the I/O request msg: copy the data that this writes the I/O request, obtain intercepted data data;
5. whether preserve data: it is full to detect current cache, if for very then mark time and wait for a time interval, continue detection again, otherwise intercepted data data is kept in the buffer memory;
6. submit the I/O request to: submit this I/O request to device driver.
Fig. 4 is the step that intercepted data is packaged into the monitor data record.
Fig. 4 has provided the concrete grammar that intercepted data is packaged into the monitor data record.At first the principle according to first in first out is taken out intercepted data data from buffer memory, then calculates the ciphertext code of each piece intercepted data data and the digest value h of ciphertext code, at last the result is kept among the monitor data record R.Concrete steps are as follows:
1) whether extract the step of data: detecting the buffer memory the inside has intercepted data data, if be that the principle according to first in first out is taken out intercepted data data very then from buffer memory, waits for a time interval otherwise mark time, and continues detection again;
2) calculate the step of ciphertext code: to each piece intercepted data data, calculate its ciphertext code=D (data, k);
3) step of calculating digest value h:, calculate its digest value h=H (code) to each ciphertext code;
4) encapsulation produces the step of monitor data record R: to each piece intercepted data data, and with its monitored device object target, side-play amount offset, digest value h, ciphertext code etc. are packaged into the monitor data record
R={<target, offset, code, h〉| target ∈ T, offset ∈ N, code ∈ 0,1}
l, h ∈ 0,1}
l, l ∈ N}, wherein N is the nature manifold.
Fig. 5 is the step of transmission and storage monitor data record.
Fig. 5 has provided the concrete grammar of transmission and storage data recording.Send data recordin module packaged monitor data record R is sent to remote storage server by network, remote storage server receives the monitor data record of different platform, and stores these monitor data records.Concrete steps are as follows:
1) set up the TCP step of connecting: by network, foundation is connected with the TCP of remote storage server;
2) transmit the step that monitor data writes down R: transmit monitor data record R to remote storage server, concrete steps are as follows:
1. send data recordin module and send the monitor data record: send data recordin module packaged monitor data record R is sent to remote storage server;
2. remote storage server receives the monitor data record: remote storage server receives and sends the monitor data record that data recordin module sends over;
3. judge whether monitor data recorder makes mistakes: remote storage server at first calculates the digest value of the ciphertext of monitor data record with the formula of definition (6), write down by the whether identical monitor data of judging reception of this value relatively and digest value during the monitor data that receives writes down then and whether make mistakes, if two digest value do not wait, then mean and make mistakes, notice sends the monitor data record that data recordin module retransfers current, 1. redirect otherwise continues next step then;
3) step of remote storage server storage monitor data record: remote storage server is preserved the monitor data record that receives, and notice sends data recordin module and transmits next bar monitor data record then.
Claims (3)
1. a cross-platform multi-channel data monitoring method is characterized in that may further comprise the steps: the step of initialization virtual device driver; The step that data are intercepted and captured; Intercepted data is packaged into the step of monitor data record; The step of transmission and storage monitor data record; Wherein:
1) step of initialization virtual device driver may further comprise the steps:
Be written into the step of virtual device driver;
The I/O of replacement operation system submits the step of function to, comprises obtaining the step that I/O submits function address to; Judge the step that I/O submits to function whether working; Submit to function S UBMIT to replace the step that original I/O submits function to I/O;
2) step of data intercepting and capturing may further comprise the steps:
The step of initialization multi-path monitoring object;
Intercept and capture the step of I/O request msg, comprise the step of intercepting and capturing the I/O request; Judge whether it is the step of write request;
Judge the step that this device object is whether monitored; The step of copy I/O request msg; Preserve the step of data; Submit the step of I/O request to;
3) step that intercepted data is packaged into monitor data record may further comprise the steps:
Extract the step of data;
Calculate the step of ciphertext;
Calculate the step of digest value;
Encapsulation produces the step of monitor data record;
4) step of transmission and storage monitor data record may further comprise the steps:
Set up the TCP step of connecting;
Transmit the step of monitor data record, comprise sending the step that data recordin module sends the monitor data record; Remote storage server receives the step of monitor data record; Judge the step whether monitor data recorder makes mistakes;
The step of remote storage server storage monitor data record.
2. a kind of cross-platform multi-channel data monitoring method according to claim 1, the cryptographic algorithm that it is characterized in that calculating ciphertext is DES, IDEA, AES or its improved cryptographic algorithm.
3. a kind of cross-platform multi-channel data monitoring method according to claim 1, the one-way hash function that it is characterized in that calculating digest value is MD5, SHA-1 or its improved one-way hash function.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008100452060A CN101216874A (en) | 2008-01-17 | 2008-01-17 | A cross-platform multi-channel data monitoring method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008100452060A CN101216874A (en) | 2008-01-17 | 2008-01-17 | A cross-platform multi-channel data monitoring method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101216874A true CN101216874A (en) | 2008-07-09 |
Family
ID=39623305
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2008100452060A Pending CN101216874A (en) | 2008-01-17 | 2008-01-17 | A cross-platform multi-channel data monitoring method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101216874A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102546279A (en) * | 2010-12-27 | 2012-07-04 | 无锡华润上华科技有限公司 | Cross-platform timing program monitoring method |
| CN101635638B (en) * | 2008-07-25 | 2012-10-17 | 中兴通讯股份有限公司 | Disaster tolerance system and disaster tolerance method thereof |
| US8356193B2 (en) | 2009-05-19 | 2013-01-15 | International Business Machines Corporation | Scaling energy use in a virtualized environment |
| US8762680B2 (en) | 2009-05-19 | 2014-06-24 | International Business Machines Corporation | Scaling energy use in a virtualized environment |
| CN104572405A (en) * | 2014-12-12 | 2015-04-29 | 集时通(福建)信息科技有限公司 | Pc server operation system and database operation environment monitoring alarm system |
| CN117112072A (en) * | 2023-10-25 | 2023-11-24 | 成都云祺科技有限公司 | Cross-platform virtual machine drive replacement method, system and storage medium |
-
2008
- 2008-01-17 CN CNA2008100452060A patent/CN101216874A/en active Pending
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101635638B (en) * | 2008-07-25 | 2012-10-17 | 中兴通讯股份有限公司 | Disaster tolerance system and disaster tolerance method thereof |
| US8356193B2 (en) | 2009-05-19 | 2013-01-15 | International Business Machines Corporation | Scaling energy use in a virtualized environment |
| US8762680B2 (en) | 2009-05-19 | 2014-06-24 | International Business Machines Corporation | Scaling energy use in a virtualized environment |
| CN102546279A (en) * | 2010-12-27 | 2012-07-04 | 无锡华润上华科技有限公司 | Cross-platform timing program monitoring method |
| CN104572405A (en) * | 2014-12-12 | 2015-04-29 | 集时通(福建)信息科技有限公司 | Pc server operation system and database operation environment monitoring alarm system |
| CN117112072A (en) * | 2023-10-25 | 2023-11-24 | 成都云祺科技有限公司 | Cross-platform virtual machine drive replacement method, system and storage medium |
| CN117112072B (en) * | 2023-10-25 | 2023-12-22 | 成都云祺科技有限公司 | Cross-platform virtual machine drive replacement method, system and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101216874A (en) | A cross-platform multi-channel data monitoring method | |
| WO2020098843A3 (en) | System and method for blockchain-based data synchronization | |
| US9152578B1 (en) | Securing data replication, backup and mobility in cloud storage | |
| WO2019179543A3 (en) | Retrieving public data for blockchain networks using trusted execution environments | |
| US11194670B2 (en) | Synthesizing fully hydrated cloud snapshots | |
| US10216588B2 (en) | Database system recovery using preliminary and final slave node replay positions | |
| CN103902427B (en) | A kind of method with outer acquisition disk state | |
| JP4918940B2 (en) | Primary center virtual tape device, secondary center virtual tape device, virtual library system, and virtual tape control method | |
| CN105447046A (en) | Distributed system data consistency processing method, device and system | |
| CN110457190A (en) | A kind of full link monitoring method, apparatus and system based on block chain | |
| CN111563130A (en) | Data credible data management method and system based on block chain technology | |
| CN103916459A (en) | Big data filing and storing system | |
| US20150220355A1 (en) | Methods and apparatus for providing hypervisor level data services for server virtualization | |
| KR101357135B1 (en) | Apparatus for Collecting Log Information | |
| CN104270409A (en) | Method for efficiently utilizing centralized storage in cloud platform | |
| CN105045685A (en) | Backup method and apparatus for cached data and recovery method and apparatus for cached data | |
| CN103117878A (en) | Design method of Nagios-based distribution monitoring system | |
| CN108259569B (en) | Method and system for protecting agentless continuous data based on IPSAN shared storage | |
| WO2014206099A1 (en) | Method and device for collecting fault site information about multi-node server system | |
| CN110888778A (en) | Cloud desktop-based log file monitoring system and method | |
| CN104794143A (en) | Agent-free backup technology | |
| CN103685233B (en) | A kind of wooden horse monitoring method based on Windows kernel-driven | |
| CN100385407C (en) | Allopatric data image method of network information system | |
| EP4050867A3 (en) | Method and apparatus of synchronizing data, electronic device and storage medium | |
| KR20150056266A (en) | Engine for processing fixed form and non-fixed form bigdata for controlling factory plant method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C57 | Notification of unclear or unknown address | ||
| DD01 | Delivery of document by public notice |
Addressee: Li Tao Document name: Notification of Passing Preliminary Examination of the Application for Invention |
|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: SICHUAN GREAT TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: SICHUAN UNIVERSITY Effective date: 20100513 |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 610065 NO.24, SOUTH 1ST SECTION, 1ST RING ROAD, CHENGDU CITY, SICHUAN PROVINCE TO: 610041 2/F, COMPLEX BUILDING (FACING THE STREET), CHENGDU KEHUA MIDDLE ROAD PRIMARY SCHOOL, NO.2, CHANGSHOU ROAD, WUHOU DISTRICT, CHENGDU CITY |
|
| TA01 | Transfer of patent application right |
Effective date of registration: 20100513 Address after: 610041, Wuhou District, Changshou Road, Chengdu No. 2 Chengdu KELONG Road Primary School Street building two floor Applicant after: Sichuan Gerite Technology Co., Ltd. Address before: 610065 Sichuan, Chengdu, South Ring Road, No. 1, No. 24 Applicant before: Sichuan University |
|
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20080709 |