CN105635181B - A kind of data transmission method of decentralization - Google Patents

A kind of data transmission method of decentralization Download PDF

Info

Publication number
CN105635181B
CN105635181B CN201610129021.2A CN201610129021A CN105635181B CN 105635181 B CN105635181 B CN 105635181B CN 201610129021 A CN201610129021 A CN 201610129021A CN 105635181 B CN105635181 B CN 105635181B
Authority
CN
China
Prior art keywords
data
superclient
server
double
public network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610129021.2A
Other languages
Chinese (zh)
Other versions
CN105635181A (en
Inventor
陆成刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Gao Hang Intellectual Property Operation Co ltd
Information and Data Security Solutions Co Ltd
Original Assignee
Zhejiang University of Technology ZJUT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang University of Technology ZJUT filed Critical Zhejiang University of Technology ZJUT
Priority to CN201610129021.2A priority Critical patent/CN105635181B/en
Publication of CN105635181A publication Critical patent/CN105635181A/en
Application granted granted Critical
Publication of CN105635181B publication Critical patent/CN105635181B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218Distributed architectures, e.g. distributed firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

A kind of data transmission method of decentralization, in the system for realizing the transmission method, it is one or more services of public network that, which there is a side at data transmit-receive end, the other end is then multiple user terminals in VPN or LAN, when accessing network, the user terminal is docked with double service management and control programs, and double clients are disposed in boundary layer, double clients include external client and internal superclient end, and the external client is connect with public network.The present invention provides a kind of data transmission method for the decentralization promoting safety.

Description

A kind of data transmission method of decentralization
Technical field
The present invention relates to a kind of data transmission methods.
Background technology
Data transmission is generally required across complicated network structure on the internet, for example, data transmitting terminal in VPN, And the receiving terminal of data is on public network, or conversely, even both within different VPN.In this way, in data transmission It needs to dispose headend on the boundary layer of network, headend is usually back-to-back server-side and client journey Sequence, while being responsible for receiving data and transmission data, as shown in Figure 1.
In Fig. 1, data transmit-receive end is that user terminal is in local area network (LAN can be some VPN net) Access layer, headend (contain server-side/client) is in the boundary layer being connect with public network.The number of headend deployment It can be FTP, HTTP or Session Initiation Protocol according to communication protocol, can also be any the third Protocol, even proprietary protocol.It is in The force transfer for connecting and composing data between the transponder of different LAN or the boundary layers VPN by service/client, independent LAN or VPN within, each headend to multiple user terminals provide connection transmission service.So this is in one kind The network architecture of the heart establishes data force transfer between different networks by client/service connection.In addition, as aforementioned One of data transmit-receive end of Fig. 1 may be embodied on public network or other networks.
For the data forwarding network of centralization, there is apparent safety defects:
1. since headend is in boundary layer, there is public network address, and it is with server-side attribute, is susceptible to attack It hits;
2. again due to the configuration structure of its centralization, once its paralysis under attack, then lead to all users in the network The data-transmission interruptions of terminal;
3. also due to it is in Centroid, it converges the data of the roads Liao Ge user terminal, once it is under attack, it is easy to make At the leakage of all customer data.
Invention content
In order to overcome the lower deficiency of the safety of data with existing transmission method, the present invention, which provides, a kind of promoting safety The data transmission method of decentralization.
The technical solution adopted by the present invention to solve the technical problems is:
A kind of data transmission method of decentralization, in the system for realizing the transmission method, data transmit-receive end has a side to be One or more services of public network, the other end is then multiple user terminals in VPN or LAN, when accessing network, institute It states user terminal to dock with double service management and control programs, disposes double clients in boundary layer, double clients include external client End and internal superclient end, the external client are connect with public network;The process flow of double service management and control programs is as follows:
1) log-on data sending and receiving end, i.e. the server-side process of user side;
2) user terminal is waited for upload data, passed data are stored in the local A catalogues for distributing to double service management and control programs;
3) user terminal request data, the data of request is waited for be stored in the local B catalogues for distributing to double service management and control programs On, these data come from superclient end;
4) above step 2), step 3) executed using multi-threaded parallel, if wait for time-out if automatically exit from step 2), step Rapid 3) task;Otherwise until step 2), step 3) task are completed;
5) and etc. 2), after step 3) task exits, start another serve end program, the i.e. service of superclient end side End;The serve end program of this server-side process, i.e. user side exits;
6) it after superclient end side service routine starts, waits for superclient end to upload data, is stored in B catalogues;
7) superclient end request data, these data is waited for be stored in A catalogues, the data source is in user terminal;
8) above step 6), step 7) concurrently executed with multithreading, and be arranged waiting time-out;
9) after the completion of overtime or step 6), step 7), start user terminal service processes, and exit this server-side process, i.e., Exit the service routine of superclient end side.
Further, the superclient end uses the multithread mode each server-side of poll in turn.
Further, double service management and control programs are in access layer and are not equipped with public network address.
Further, from data transmit-receive end to the flow of public network data transmit-receive end transmission data packet:
1.1) data transmit-receive end uploads data to oneself side server-side;
1.2) failure is uploaded, is returned to 1.1);Otherwise it completes to send;
1.3) superclient end takes turns to poll road user, accesses the server-side of the road superclient end side, is downloaded;
1.4) 1.3) failed download returns to, otherwise complete to download;
1.5) externally client reads the data that superclient end is downloaded, and is sent to public network data transmit-receive end.
From public network data transmit-receive end to the flow of data transmit-receive end transmission data packet:
2.1) externally client to public network data transmit-receive end request data;
2.2) data of external client request are read at superclient end, take turns to the clothes of the own side of the double server-sides in the poll road Business end, and upload;
2.3) failure is uploaded, is returned to 2.2), otherwise completes to upload;
2.4) server-side request data of the data transmit-receive end to own side;
2.5) 2.4) request failure, returns to, otherwise request is downloaded and finished.
The present invention technical concept be:Design a kind of novel headend networking model so that its protocol programming connects Mouth is easy to be compatible with old past pattern, but overcomes the security risk of centralized architecture network.The method of this case design is suitble to data to receive The wherein side that starts is included within public network or the network different with the other end.
Decentralization pattern is also different from traditional P2P network structures, and each endpoint for participating in communication is pair in that mode Deng and this pattern communication protocol between old C/S it is also incompatible.And the decentralization data communication mode studied here does not have There is this defect.
Beneficial effects of the present invention are mainly manifested in:Safety is promoted, compatibility is preferably.
Description of the drawings
Fig. 1 is the schematic diagram of traditional data forwarding network.
Fig. 2 is the schematic diagram of data decentralization forwarding transmission.
Specific implementation mode
The invention will be further described below in conjunction with the accompanying drawings.
Reference Fig. 2, a kind of data transmission method of decentralization, a kind of special case in being applied for data forwarding, It is one or more services of public network that i.e., which there is a side at data transmit-receive end, and the other end is then multiple use in VPN or LAN Family terminal devises a data forwarding mode for avoiding centralization.
As shown in Fig. 2, data transmit-receive end is exactly traditional user terminal, when accessing network, particular formulation one is right with it The double service routines connect, protocol interface that user terminal with pair services dock the same (see Fig. 1) with traditional user terminal access It is constant, as it is double service management and control programs mechanism behind can explain in detail.A double client-side program is disposed in boundary layer, is internally One superclient end is communicated with double service routines of each user terminal docking, and protocol interface is constant;And externally this be one can Access the client at multiple public network data transmit-receives end, public network data transmit-receive end can be a FTP service, HTTP service, even It can be a cloud storage end.
The management and control program work principle of double services is as follows:
1) log-on data sending and receiving end, i.e. the server-side process of user side;
2) user terminal is waited for upload data, passed data are stored in the local A catalogues for distributing to double service management and control programs;
3) user terminal request data, the data of request is waited for be stored in the local B catalogues for distributing to double service management and control programs On, these data come from superclient end;
4) above step 2), step 3) executed using multi-threaded parallel, if wait for time-out if automatically exit from step 2), step Rapid 3) task;Otherwise until step 2), step 3) task are completed;
5) and etc. 2), after step 3) task exits, start another serve end program, the i.e. service of superclient end side End;The serve end program of this server-side process, i.e. user side exits;
6) it after superclient end side service routine starts, waits for superclient end to upload data, is stored in B catalogues;
7) superclient end request data, these data is waited for be stored in A catalogues, the data source is in user terminal;
8) above step 6), step 7) concurrently executed with multithreading, and be arranged waiting time-out;
9) after the completion of overtime or step 6), step 7), start user terminal service processes, and exit this server-side process, i.e., Exit the service routine of superclient end side.
It can be seen that double service management and control programs only alternately open, close two server-side processes, both sides are not led to Letter agreement is intervened, and the interactive interfacing agreement of both sides, data transmit-receive end (user terminal) and superclient end are not interfered with All it is that the work/of the service processes of oneself side is judged by protocol access success or failure or exits state.It is in this way so that double Service pipe diameter design can be compatible with any traditional communication protocol, accomplish the maximum multiplexing to history exploitation code.
The reasons why double service management and control programs so design is the needs synchronized based on data, that is, ensures both sides transceiving data Integrality, and the interaction protocol under original C/S frameworks is not influenced;In addition, with time-out or accessing and unsuccessfully ensureing stability sheet Body is exactly the common means of C/S frameworks, and network interruption may not only be mean only that by only accessing failure here, it is also possible to It is server-side by the reason of management and control stop.
The server-side of data transmit-receive end and oneself side communicates, no difference compared with traditional mode, except that clothes Business end is in access layer, and the ability of the data without converging each road terminal.The server-side at superclient end and oneself side Communication is also not have difference compared with traditional mode, except that superclient end uses the multithread mode each service of poll in turn End, therefore it only needs efficient concurrent capability.Double service management and control programs are in access layer and are not equipped with public network address, no Easy to be under attack, even if under attack, leakage of data, Transmission also can only occur on user terminal all the way.Super visitor Family end, external client machine configure public network address, but due to being client, this public network address can be changed, right The port that outer client accesses outer net can also be random, so not allowing under attack.In addition client-side program generally relatively takes Business end program wants high compared to safety itself.
From data transmit-receive end to the flow of public network data transmit-receive end transmission data packet:
1.1) data transmit-receive end uploads data to oneself side server-side;
1.2) failure is uploaded, is returned to 1.1);Otherwise it completes to send;
1.3) superclient end takes turns to poll road user, accesses the server-side of the road superclient end side, is downloaded;
1.4) 1.3) failed download returns to, otherwise complete to download;
1.5) externally client reads the data that superclient end is downloaded, and is sent to public network data transmit-receive end.
From public network data transmit-receive end to the flow of data transmit-receive end (user terminal) transmission data packet:
2.1) externally client to public network data transmit-receive end request data;
2.2) data of external client request are read at superclient end, take turns to the clothes of the own side of the double server-sides in the poll road Business end, and upload;
2.3) failure is uploaded, is returned to 2.2), otherwise completes to upload;
2.4) server-side request data of the data transmit-receive end to own side;
2.5) 2.4) request failure, returns to, otherwise request is downloaded and finished.

Claims (4)

1. a kind of data transmission method of decentralization, it is characterised in that:In the system for realizing the transmission method, data transmit-receive end One side is one or more services of public network, and the other end is then multiple user terminals in VPN or LAN, accesses net When network, the user terminal is docked with double service management and control programs, and double service management and control programs are in access layer and are not equipped with public affairs Net address disposes double clients in boundary layer, and double clients include external client and internal superclient end, described right Outer client is connect with public network;The process flow of double service management and control programs is as follows:
1) log-on data sending and receiving end, i.e. the server-side process of user side;
2) user terminal is waited for upload data, passed data are stored in the local A catalogues for distributing to double service management and control programs;
3) user terminal request data, the data of request is waited for be stored in the local B catalogues for distributing to double service management and control programs, this A little data come from superclient end;
4) above step 2), step 3) executed using multi-threaded parallel, if wait for time-out if automatically exit from step 2), step 3) Task;Otherwise until step 2), step 3) task are completed;
5) and etc. 2), after step 3) task exits, start another serve end program, the i.e. server-side of superclient end side;This The serve end program of server-side process, i.e. user side exits;
6) it after superclient end side service routine starts, waits for superclient end to upload data, is stored in B catalogues;
7) superclient end request data, these data is waited for be stored in A catalogues, the data source is in user terminal;
8) above step 6), step 7) concurrently executed with multithreading, and be arranged waiting time-out;
9) after the completion of overtime or step 6), step 7), start user terminal service processes, and exit this server-side process, that is, exit The service routine of superclient end side.
2. a kind of data transmission method of decentralization as described in claim 1, it is characterised in that:The superclient end makes With the multithread mode each server-side of poll in turn.
3. a kind of data transmission method of decentralization as claimed in claim 1 or 2, it is characterised in that:From data transmit-receive end To the flow of public network data transmit-receive end transmission data packet:
1.1) data transmit-receive end uploads data to oneself side server-side;
1.2) failure is uploaded, is returned to 1.1);Otherwise it completes to send;
1.3) superclient end takes turns to poll road user, accesses the server-side of the road superclient end side, is downloaded;
1.4) 1.3) failed download returns to, otherwise complete to download;
1.5) externally client reads the data that superclient end is downloaded, and is sent to public network data transmit-receive end.
4. a kind of data transmission method of decentralization as claimed in claim 1 or 2, it is characterised in that:It is received from public network data The flow started to data transmit-receive end transmission data packet:
2.1) externally client to public network data transmit-receive end request data;
2.2) data of external client request are read at superclient end, take turns to the service of the own side of the double server-sides in the poll road End, and upload;
2.3) failure is uploaded, is returned to 2.2), otherwise completes to upload;
2.4) server-side request data of the data transmit-receive end to own side;
2.5) 2.4) request failure, returns to, otherwise request is downloaded and finished.
CN201610129021.2A 2016-03-08 2016-03-08 A kind of data transmission method of decentralization Active CN105635181B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610129021.2A CN105635181B (en) 2016-03-08 2016-03-08 A kind of data transmission method of decentralization

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610129021.2A CN105635181B (en) 2016-03-08 2016-03-08 A kind of data transmission method of decentralization

Publications (2)

Publication Number Publication Date
CN105635181A CN105635181A (en) 2016-06-01
CN105635181B true CN105635181B (en) 2018-10-23

Family

ID=56049669

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610129021.2A Active CN105635181B (en) 2016-03-08 2016-03-08 A kind of data transmission method of decentralization

Country Status (1)

Country Link
CN (1) CN105635181B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107609148B (en) * 2017-09-21 2020-11-03 大连君方科技有限公司 Data flow collaboration system under weak network condition
CN108304734A (en) * 2018-02-05 2018-07-20 成都卓观信息技术有限公司 A kind of health account sharing method of decentralization
CN115022688A (en) * 2022-05-26 2022-09-06 海信视像科技股份有限公司 Display device and media data relay method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340290A (en) * 2008-08-27 2009-01-07 张树新 Method, system and transmission card for safe data transmission between internal and external networks
CN105357238A (en) * 2014-08-19 2016-02-24 阿里巴巴集团控股有限公司 Point-to-point data transmission method and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5966406B2 (en) * 2012-02-15 2016-08-10 株式会社リコー Data relay system, apparatus and program

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340290A (en) * 2008-08-27 2009-01-07 张树新 Method, system and transmission card for safe data transmission between internal and external networks
CN105357238A (en) * 2014-08-19 2016-02-24 阿里巴巴集团控股有限公司 Point-to-point data transmission method and device

Also Published As

Publication number Publication date
CN105635181A (en) 2016-06-01

Similar Documents

Publication Publication Date Title
US20200259713A1 (en) Transparent auto-negotiation of ethernet
TWI491229B (en) Seamless host migration based on nat type
CN105025387B (en) The method and system of IPTV intelligent terminal progress IPTV service and Internet service
CN105635181B (en) A kind of data transmission method of decentralization
EP3174261B1 (en) Multilink fusion method, server and client
CN104506567B (en) Data exchange method for gateway and server of Internet of things
JP2009093656A (en) Systems and methods for seamless host migration
USRE44104E1 (en) Cross-layer architecture for a network device
CN108781231B (en) Printer with dual media access control interface and uninterrupted interface change
WO2010081401A1 (en) Video service system
CN102142978B (en) Data backup transmission processing method, device and system
CN106412960A (en) Control method for realizing Wi-Fi (Wireless-Fidelity) network configuration
CN103067531B (en) A kind of public network IP address resources management distribution method
CN103401752A (en) Method and device of accessing virtual private network
CN103685398B (en) Communication connection method for building up and communication system
CN105721509B (en) A kind of server system
CN107645556B (en) It is a kind of to realize that SDN turns the isolated broadband access of control and keepalive method and device
CN107592360B (en) Internet of things data aggregation method and system based on hybrid cloud
CN106506457B (en) A kind of method and system of accessing terminal to network
CN106209927A (en) The interaction relation of a kind of multiple terminals safeguards system and method
CN103179224B (en) Method, client side and server for configuring IP (internet protocol) addresses
CN104780230A (en) Method of automatically acquiring cloud server IP address, system and cloud system
WO2015058413A1 (en) Data configuration method and network management server
US8737413B2 (en) Relay server and relay communication system
CN109218436A (en) A kind of lan device discovery method based on dual-port redundancy technique

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20190611

Address after: Room 1, Room 2, Lane 15, 1412, Yunduan Road, Nicheng, Pudong New Area, Shanghai, 20106

Patentee after: INFORMATION & DATA SECURITY SOLUTIONS Co.,Ltd.

Address before: Unit 2301-D, Bike Science and Technology Building, No. 9 Scientific Research Road, Yuehai Street High-tech Zone, Nanshan District, Shenzhen City, Guangdong Province, 518000

Patentee before: Shenzhen Gao Hang Intellectual Property Operation Co.,Ltd.

Effective date of registration: 20190611

Address after: Unit 2301-D, Bike Science and Technology Building, No. 9 Scientific Research Road, Yuehai Street High-tech Zone, Nanshan District, Shenzhen City, Guangdong Province, 518000

Patentee after: Shenzhen Gao Hang Intellectual Property Operation Co.,Ltd.

Address before: 310014 Zhejiang University of Technology, 18 Zhaowang Road, Zhaohui six District, Hangzhou, Zhejiang

Patentee before: Zhejiang University of Technology