A kind of data transmission method of decentralization
Technical field
The present invention relates to a kind of data transmission methods.
Background technology
Data transmission is generally required across complicated network structure on the internet, for example, data transmitting terminal in VPN,
And the receiving terminal of data is on public network, or conversely, even both within different VPN.In this way, in data transmission
It needs to dispose headend on the boundary layer of network, headend is usually back-to-back server-side and client journey
Sequence, while being responsible for receiving data and transmission data, as shown in Figure 1.
In Fig. 1, data transmit-receive end is that user terminal is in local area network (LAN can be some VPN net)
Access layer, headend (contain server-side/client) is in the boundary layer being connect with public network.The number of headend deployment
It can be FTP, HTTP or Session Initiation Protocol according to communication protocol, can also be any the third Protocol, even proprietary protocol.It is in
The force transfer for connecting and composing data between the transponder of different LAN or the boundary layers VPN by service/client, independent
LAN or VPN within, each headend to multiple user terminals provide connection transmission service.So this is in one kind
The network architecture of the heart establishes data force transfer between different networks by client/service connection.In addition, as aforementioned
One of data transmit-receive end of Fig. 1 may be embodied on public network or other networks.
For the data forwarding network of centralization, there is apparent safety defects:
1. since headend is in boundary layer, there is public network address, and it is with server-side attribute, is susceptible to attack
It hits;
2. again due to the configuration structure of its centralization, once its paralysis under attack, then lead to all users in the network
The data-transmission interruptions of terminal;
3. also due to it is in Centroid, it converges the data of the roads Liao Ge user terminal, once it is under attack, it is easy to make
At the leakage of all customer data.
Invention content
In order to overcome the lower deficiency of the safety of data with existing transmission method, the present invention, which provides, a kind of promoting safety
The data transmission method of decentralization.
The technical solution adopted by the present invention to solve the technical problems is:
A kind of data transmission method of decentralization, in the system for realizing the transmission method, data transmit-receive end has a side to be
One or more services of public network, the other end is then multiple user terminals in VPN or LAN, when accessing network, institute
It states user terminal to dock with double service management and control programs, disposes double clients in boundary layer, double clients include external client
End and internal superclient end, the external client are connect with public network;The process flow of double service management and control programs is as follows:
1) log-on data sending and receiving end, i.e. the server-side process of user side;
2) user terminal is waited for upload data, passed data are stored in the local A catalogues for distributing to double service management and control programs;
3) user terminal request data, the data of request is waited for be stored in the local B catalogues for distributing to double service management and control programs
On, these data come from superclient end;
4) above step 2), step 3) executed using multi-threaded parallel, if wait for time-out if automatically exit from step 2), step
Rapid 3) task;Otherwise until step 2), step 3) task are completed;
5) and etc. 2), after step 3) task exits, start another serve end program, the i.e. service of superclient end side
End;The serve end program of this server-side process, i.e. user side exits;
6) it after superclient end side service routine starts, waits for superclient end to upload data, is stored in B catalogues;
7) superclient end request data, these data is waited for be stored in A catalogues, the data source is in user terminal;
8) above step 6), step 7) concurrently executed with multithreading, and be arranged waiting time-out;
9) after the completion of overtime or step 6), step 7), start user terminal service processes, and exit this server-side process, i.e.,
Exit the service routine of superclient end side.
Further, the superclient end uses the multithread mode each server-side of poll in turn.
Further, double service management and control programs are in access layer and are not equipped with public network address.
Further, from data transmit-receive end to the flow of public network data transmit-receive end transmission data packet:
1.1) data transmit-receive end uploads data to oneself side server-side;
1.2) failure is uploaded, is returned to 1.1);Otherwise it completes to send;
1.3) superclient end takes turns to poll road user, accesses the server-side of the road superclient end side, is downloaded;
1.4) 1.3) failed download returns to, otherwise complete to download;
1.5) externally client reads the data that superclient end is downloaded, and is sent to public network data transmit-receive end.
From public network data transmit-receive end to the flow of data transmit-receive end transmission data packet:
2.1) externally client to public network data transmit-receive end request data;
2.2) data of external client request are read at superclient end, take turns to the clothes of the own side of the double server-sides in the poll road
Business end, and upload;
2.3) failure is uploaded, is returned to 2.2), otherwise completes to upload;
2.4) server-side request data of the data transmit-receive end to own side;
2.5) 2.4) request failure, returns to, otherwise request is downloaded and finished.
The present invention technical concept be:Design a kind of novel headend networking model so that its protocol programming connects
Mouth is easy to be compatible with old past pattern, but overcomes the security risk of centralized architecture network.The method of this case design is suitble to data to receive
The wherein side that starts is included within public network or the network different with the other end.
Decentralization pattern is also different from traditional P2P network structures, and each endpoint for participating in communication is pair in that mode
Deng and this pattern communication protocol between old C/S it is also incompatible.And the decentralization data communication mode studied here does not have
There is this defect.
Beneficial effects of the present invention are mainly manifested in:Safety is promoted, compatibility is preferably.
Description of the drawings
Fig. 1 is the schematic diagram of traditional data forwarding network.
Fig. 2 is the schematic diagram of data decentralization forwarding transmission.
Specific implementation mode
The invention will be further described below in conjunction with the accompanying drawings.
Reference Fig. 2, a kind of data transmission method of decentralization, a kind of special case in being applied for data forwarding,
It is one or more services of public network that i.e., which there is a side at data transmit-receive end, and the other end is then multiple use in VPN or LAN
Family terminal devises a data forwarding mode for avoiding centralization.
As shown in Fig. 2, data transmit-receive end is exactly traditional user terminal, when accessing network, particular formulation one is right with it
The double service routines connect, protocol interface that user terminal with pair services dock the same (see Fig. 1) with traditional user terminal access
It is constant, as it is double service management and control programs mechanism behind can explain in detail.A double client-side program is disposed in boundary layer, is internally
One superclient end is communicated with double service routines of each user terminal docking, and protocol interface is constant;And externally this be one can
Access the client at multiple public network data transmit-receives end, public network data transmit-receive end can be a FTP service, HTTP service, even
It can be a cloud storage end.
The management and control program work principle of double services is as follows:
1) log-on data sending and receiving end, i.e. the server-side process of user side;
2) user terminal is waited for upload data, passed data are stored in the local A catalogues for distributing to double service management and control programs;
3) user terminal request data, the data of request is waited for be stored in the local B catalogues for distributing to double service management and control programs
On, these data come from superclient end;
4) above step 2), step 3) executed using multi-threaded parallel, if wait for time-out if automatically exit from step 2), step
Rapid 3) task;Otherwise until step 2), step 3) task are completed;
5) and etc. 2), after step 3) task exits, start another serve end program, the i.e. service of superclient end side
End;The serve end program of this server-side process, i.e. user side exits;
6) it after superclient end side service routine starts, waits for superclient end to upload data, is stored in B catalogues;
7) superclient end request data, these data is waited for be stored in A catalogues, the data source is in user terminal;
8) above step 6), step 7) concurrently executed with multithreading, and be arranged waiting time-out;
9) after the completion of overtime or step 6), step 7), start user terminal service processes, and exit this server-side process, i.e.,
Exit the service routine of superclient end side.
It can be seen that double service management and control programs only alternately open, close two server-side processes, both sides are not led to
Letter agreement is intervened, and the interactive interfacing agreement of both sides, data transmit-receive end (user terminal) and superclient end are not interfered with
All it is that the work/of the service processes of oneself side is judged by protocol access success or failure or exits state.It is in this way so that double
Service pipe diameter design can be compatible with any traditional communication protocol, accomplish the maximum multiplexing to history exploitation code.
The reasons why double service management and control programs so design is the needs synchronized based on data, that is, ensures both sides transceiving data
Integrality, and the interaction protocol under original C/S frameworks is not influenced;In addition, with time-out or accessing and unsuccessfully ensureing stability sheet
Body is exactly the common means of C/S frameworks, and network interruption may not only be mean only that by only accessing failure here, it is also possible to
It is server-side by the reason of management and control stop.
The server-side of data transmit-receive end and oneself side communicates, no difference compared with traditional mode, except that clothes
Business end is in access layer, and the ability of the data without converging each road terminal.The server-side at superclient end and oneself side
Communication is also not have difference compared with traditional mode, except that superclient end uses the multithread mode each service of poll in turn
End, therefore it only needs efficient concurrent capability.Double service management and control programs are in access layer and are not equipped with public network address, no
Easy to be under attack, even if under attack, leakage of data, Transmission also can only occur on user terminal all the way.Super visitor
Family end, external client machine configure public network address, but due to being client, this public network address can be changed, right
The port that outer client accesses outer net can also be random, so not allowing under attack.In addition client-side program generally relatively takes
Business end program wants high compared to safety itself.
From data transmit-receive end to the flow of public network data transmit-receive end transmission data packet:
1.1) data transmit-receive end uploads data to oneself side server-side;
1.2) failure is uploaded, is returned to 1.1);Otherwise it completes to send;
1.3) superclient end takes turns to poll road user, accesses the server-side of the road superclient end side, is downloaded;
1.4) 1.3) failed download returns to, otherwise complete to download;
1.5) externally client reads the data that superclient end is downloaded, and is sent to public network data transmit-receive end.
From public network data transmit-receive end to the flow of data transmit-receive end (user terminal) transmission data packet:
2.1) externally client to public network data transmit-receive end request data;
2.2) data of external client request are read at superclient end, take turns to the clothes of the own side of the double server-sides in the poll road
Business end, and upload;
2.3) failure is uploaded, is returned to 2.2), otherwise completes to upload;
2.4) server-side request data of the data transmit-receive end to own side;
2.5) 2.4) request failure, returns to, otherwise request is downloaded and finished.