CN108880912A - A kind of IT O&M control system and method - Google Patents
A kind of IT O&M control system and method Download PDFInfo
- Publication number
- CN108880912A CN108880912A CN201810788852.XA CN201810788852A CN108880912A CN 108880912 A CN108880912 A CN 108880912A CN 201810788852 A CN201810788852 A CN 201810788852A CN 108880912 A CN108880912 A CN 108880912A
- Authority
- CN
- China
- Prior art keywords
- client
- user identity
- control
- server
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/22—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
This application provides a kind of IT O&M control system and methods, wherein the system includes:The system includes server and client;The client is connect with the server communication;The client is sent to server for generating O&M control request, and by O&M control request;O&M control instruction and service token are carried in the O&M control request;The server, for receiving the O&M control request of client transmission;Service token and O&M control instruction are carried in the O&M control request;The client is authenticated based on the service token, and after the authentication is passed, according to the O&M control instruction, obtains and execute O&M process control script corresponding with the O&M control instruction.IT operation maintenance personnel can monitor O&M object in real time by client, real-time O&M, and can complete complicated O&M operation, expand maintenance work personnel to the monitoring range of O&M object.
Description
Technical field
This application involves internet areas, in particular to a kind of IT O&M control system and method.
Background technique
In internet, Internet technology (Internet Technology, IT) O&M early has become important in IT service
Component part.Currently, IT operation maintenance personnel is by workbench, such as data center monitoring screen, to service condition and safety
Risk is monitored;When data center breaks down, IT O&M alarm system passes through warning light, the side of short message or wechat
Formula notifies IT operation maintenance personnel.
But since mobile phone terminal can not provide complicated operational capacity, IT O&M mode in the prior art, IT
Operation maintenance personnel is if it is intended to whether the service condition for initiatively understanding O&M object is normal, if there are when security risk, O&M
The complexity of operation results in operation maintenance personnel and is merely able to carry out investigation one by one by workbench;And mobile phone terminal cannot be passed through
It is handled at once, this just needs IT operation maintenance personnel that must reach workbench to complete complicated O&M operation, causes fortune
Inconvenience during dimension.
Summary of the invention
In view of this, the application be designed to provide a kind of IT O&M control system and method, IT operation maintenance personnel are not necessarily to
In fixed workbench, it will be able to complete complicated O&M operation, expand maintenance work personnel to the monitoring model of O&M object
It encloses.
In a first aspect, the embodiment of the present application provides a kind of IT O&M control system, which includes server and client
End;
The client is connect with the server communication;
The client is sent to server for generating O&M control request, and by O&M control request;It is described
O&M control instruction and service token are carried in O&M control request;
The server, for receiving the O&M control request of client transmission;It is carried in the O&M control request
Service token and O&M control instruction;The client is authenticated based on the service token, and after the authentication is passed,
According to the O&M control instruction, obtains and execute O&M process control script corresponding with the O&M control instruction.
With reference to first aspect, the embodiment of the present application provides the first possible embodiment of first aspect,
The client, is also used to:Generate authentication request;It is carried in the authentication request using default net
The User Identity of network key encryption;The authentication request is sent to the server;
The server, is also used to:Receive the authentication request that client is sent;It is carried in the authentication request
There is the User Identity using default netkey encryption;Using the default netkey to the User Identity into
Row decryption obtains the User Identity of decryption, and carries out identity to user according to the User Identity of decryption
Verifying, and after authentication passes through, permission grant is carried out for the client.
The possible embodiment of with reference to first aspect the first, the embodiment of the present application provide second of first aspect
Possible embodiment, wherein
The server is specifically used for being that the client carries out permission grant according to following step:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption,
And the target string is sent to client;
The target string is used to indicate the client according to the target string and the user identity mark
Know, the service token is generated based on preset algorithm;
And
The client is also used to:Receive the target string that server is sent;
Based on preset algorithm, the service token is generated according to the User Identity and the target string.
The possible embodiment of second with reference to first aspect, the embodiment of the present application provide the third of first aspect
Possible embodiment, wherein
In the O&M control request, the User Identity using the default netkey encryption is also carried;
It is described that the client is authenticated based on the service token, it specifically includes:
The User Identity is decrypted using the default netkey, obtains the user identity of decryption
Mark, and according to the User Identity of acquisition, obtain the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification is generated based on the preset algorithm and is enabled
Board;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
With reference to first aspect, the embodiment of the present application provides the 4th kind of possible embodiment of first aspect, wherein institute
It states in O&M control request, also carries client identification information;
The server is also used to, and after authentication does not pass through, records the client carried in the O&M control request
Hold identification information;
And the client identification information carried in the O&M control request based on record, whether detect the client
To attack client;
If so, the identification information based on the client, carries out attack protection processing to the client.
The 4th kind of possible embodiment with reference to first aspect, the embodiment of the present application provide first aspect the 5th kind can
The embodiment of energy, wherein
The server is specifically used for through following step based on the client mark carried in the O&M control request of record
Know information, detects whether the client is attack client:
According to the identification information of the client of record, detecting distance receives the same visitor in the current preset time
Whether the quantity of the O&M control request at family end reaches preset amount threshold;
If reaching, which is determined as to attack client.
The 4th kind of possible embodiment with reference to first aspect, the embodiment of the present application provide first aspect the 6th kind can
The embodiment of energy, wherein
The server is specifically used for through identification information of the following step based on the client, to the client into
The processing of row attack protection:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued
To the interface for receiving the O&M control request, so that the interface is in the O&M control request for receiving the client transmission
Afterwards, identification information and attack protection processing list item based on the client carried in O&M control request, by the fortune
Dimension control request abandons.
The third possible embodiment with reference to first aspect, the embodiment of the present application provides can in the 7th of first aspect
The embodiment of energy, wherein the server is specifically used for through following step according to the target string and the use
Family identity generates service verification token based on the preset algorithm:
The target string and the User Identity are spliced, generate splicing character string, and with the mesh
Mark character string is encryption key, is encrypted using predetermined encryption algorithm to the splicing character string, generates the service verification
Token.
Second aspect, the embodiment of the present application also provides a kind of IT O&M control methods, including,
It receives the O&M that client is sent and controls request;Service token and O&M are carried in the O&M control request
Control instruction;
The client is authenticated based on the service token, and after the authentication is passed, is controlled according to the O&M
Instruction, obtains and executes O&M process control script corresponding with the O&M control instruction.
In conjunction with second aspect, the embodiment of the present application provides the first possible embodiment of first aspect,
Receive the authentication request that client is sent;It is carried in the authentication request using default netkey
The User Identity of encryption;
The User Identity is decrypted using the default netkey, obtains the user identity of decryption
Mark, and authentication is carried out to user according to the User Identity of decryption, and be described after authentication passes through
Client carries out permission grant.
In conjunction with the first possible embodiment of second aspect, the embodiment of the present application provides second of first aspect
Possible embodiment, wherein
It is described to carry out permission grant for the client, it specifically includes:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption,
And the target string is sent to client;
The target string is used to indicate the client according to the target string and the user identity mark
Know, the service token is generated based on preset algorithm.
In conjunction with second of possible embodiment of second aspect, the embodiment of the present application provides the third of first aspect
Possible embodiment, wherein
In the O&M control request, the User Identity using the default netkey encryption is also carried;
It is described that the client is authenticated based on the service token, it specifically includes:
The User Identity is decrypted using the default netkey, obtains the user identity of decryption
Mark, and according to the User Identity of acquisition, obtain the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification is generated based on the preset algorithm and is enabled
Board;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
In conjunction with second aspect, the embodiment of the present application provides the 4th kind of possible embodiment of first aspect, wherein
In the O&M control request, client identification information is also carried;
The method also includes:After authentication does not pass through, the client mark carried in the O&M control request is recorded
Know information;
And the client identification information carried in the O&M control request based on record, whether detect the client
To attack client;
If so, the identification information based on the client, carries out attack protection processing to the client.
In conjunction with the 4th kind of possible embodiment of second aspect, the embodiment of the present application provide first aspect the 5th kind can
The embodiment of energy, wherein
The client identification information that carries in the O&M control request based on record, detect the client whether be
Client is attacked, is specifically included:
According to the identification information of the client of record, detecting distance receives the same visitor in the current preset time
Whether the quantity of the O&M control request at family end reaches preset amount threshold;
If reaching, which is determined as to attack client.
In conjunction with the 4th kind of possible embodiment of second aspect, the embodiment of the present application provide first aspect the 6th kind can
The embodiment of energy, wherein
Based on the identification information of the client, attack protection processing is carried out to the client, is specifically included:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued
To the interface for receiving the O&M control request, so that the interface is in the O&M control request for receiving the client transmission
Afterwards, identification information and attack protection processing list item based on the client carried in O&M control request, by the fortune
Dimension control request abandons.
In conjunction with the third possible embodiment of second aspect, the embodiment of the present application provides can in the 7th of first aspect
Can embodiment, wherein it is described according to the target string and the User Identity, be based on the preset algorithm
Service verification token is generated, is specifically included:
The target string and the User Identity are spliced, generate splicing character string, and with the mesh
Mark character string is encryption key, is encrypted using predetermined encryption algorithm to the splicing character string, generates the service verification
Token.
In conjunction with second aspect, the embodiment of the present application provides the first possible embodiment of first aspect,
Receive the authentication request that client is sent;It is carried in the authentication request using default netkey
The User Identity of encryption;
The User Identity is decrypted using the default netkey, obtains the user identity of decryption
Mark, and authentication is carried out to user according to the User Identity of decryption, and be described after authentication passes through
Client carries out permission grant.
In conjunction with the first possible embodiment of second aspect, the embodiment of the present application provides second of first aspect
Possible embodiment, wherein
It is described to carry out permission grant for the client, it specifically includes:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption,
And the target string is sent to client;
The target string is used to indicate the client according to the target string and the user identity mark
Know, the service token is generated based on preset algorithm.
In conjunction with second of possible embodiment of second aspect, the embodiment of the present application provides the third of first aspect
Possible embodiment, wherein
In the O&M control request, the User Identity using the default netkey encryption is also carried;
It is described that the client is authenticated based on the service token, it specifically includes:
The User Identity is decrypted using the default netkey, obtains the user identity of decryption
Mark, and according to the User Identity of acquisition, obtain the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification is generated based on the preset algorithm and is enabled
Board;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
In conjunction with second aspect, the embodiment of the present application provides the 4th kind of possible embodiment of first aspect, wherein
In the O&M control request, client identification information is also carried;
The method also includes:After authentication does not pass through, the client mark carried in the O&M control request is recorded
Know information;
And the client identification information carried in the O&M control request based on record, whether detect the client
To attack client;
If so, the identification information based on the client, carries out attack protection processing to the client.
In conjunction with the 4th kind of possible embodiment of second aspect, the embodiment of the present application provide first aspect the 5th kind can
The embodiment of energy, wherein
The client identification information that carries in the O&M control request based on record, detect the client whether be
Client is attacked, is specifically included:
According to the identification information of the client of record, detecting distance receives the same visitor in the current preset time
Whether the quantity of the O&M control request at family end reaches preset amount threshold;
If reaching, which is determined as to attack client.
In conjunction with the 4th kind of possible embodiment of second aspect, the embodiment of the present application provide first aspect the 6th kind can
The embodiment of energy, wherein
Based on the identification information of the client, attack protection processing is carried out to the client, is specifically included:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued
To the interface for receiving the O&M control request, so that the interface is in the O&M control request for receiving the client transmission
Afterwards, identification information and attack protection processing list item based on the client carried in O&M control request, by the fortune
Dimension control request abandons.
In conjunction with the third possible embodiment of second aspect, the embodiment of the present application provides can in the 7th of first aspect
Can embodiment, wherein it is described according to the target string and the User Identity, be based on the preset algorithm
Service verification token is generated, is specifically included:
The target string and the User Identity are spliced, generate splicing character string, and with the mesh
Mark character string is encryption key, is encrypted using predetermined encryption algorithm to the splicing character string, generates the service verification
Token.
The third aspect, the embodiment of the present application also provides a kind of IT O&M control methods, including,
O&M control request is generated, carries O&M control instruction and service token in the O&M control request;
The O&M control request is sent to server;
Wherein, the service token is authenticated for the server;The O&M control instruction is used for the service
Device, according to the O&M control instruction, obtains after the authentication is passed and executes O&M process corresponding with the O&M control instruction
Control script.
In conjunction with the third aspect, the embodiment of the present application provides the first possible embodiment of second aspect, wherein
Generate authentication request;User's body using default netkey encryption is carried in the authentication request
Part mark;
The authentication request is sent to the server;
The generation authentication request is used to indicate the server using the default netkey to the user
Identity is decrypted, and obtains the User Identity of decryption, and according to the User Identity of decryption to
Family carries out authentication, and after authentication passes through, and carries out permission grant for the client.
In conjunction with the first possible embodiment of the third aspect, the embodiment of the present application provides second of second aspect
Possible embodiment, wherein
Receive the target string that server is sent;
According to the target string and the User Identity, service token is generated based on the preset algorithm.
A kind of IT O&M method and system provided by the embodiments of the present application, can be and right by installing software in client
After client carries out authentication, according to the service token of client, client is authenticated, after authenticating successfully, according to visitor
The O&M that family end is sent controls request call O&M process control script, and IT operation maintenance personnel is not necessarily in fixed workbench, right
O&M object is monitored in real time, real-time O&M, and can complete complicated O&M operation, expands maintenance work personnel to O&M
The monitoring range of object.
To enable the above objects, features, and advantages of the application to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate
Appended attached drawing, is described in detail below.
Detailed description of the invention
Technical solution in ord to more clearly illustrate embodiments of the present application, below will be to needed in the embodiment attached
Figure is briefly described, it should be understood that the following drawings illustrates only some embodiments of the application, therefore is not construed as pair
The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this
A little attached drawings obtain other relevant attached drawings.
Fig. 1 shows a kind of structural schematic diagram of IT O&M control system provided by the embodiment of the present application;
Fig. 2 shows a kind of O&Ms provided by the embodiment of the present application to control exemplary specific flow chart;
Fig. 3 shows a kind of flow diagram of IT O&M control method provided by the embodiment of the present application;
Fig. 4 shows the flow diagram of another kind IT O&M control method provided by the embodiment of the present application;
Fig. 5 shows another IT O&M control method flow diagram provided by the embodiment of the present application;
Fig. 6 shows a kind of structural schematic diagram of computer equipment provided by the embodiment of the present application.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application
Middle attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only
It is some embodiments of the present application, instead of all the embodiments.The application being usually described and illustrated herein in the accompanying drawings is real
The component for applying example can be arranged and be designed with a variety of different configurations.Therefore, below to the application's provided in the accompanying drawings
The detailed description of embodiment is not intended to limit claimed scope of the present application, but is merely representative of the selected reality of the application
Apply example.Based on embodiments herein, those skilled in the art institute obtained without making creative work
There are other embodiments, shall fall in the protection scope of this application.
Currently, IT operation maintenance personnel is by workbench, such as data center monitoring screen, to service condition and security risk
It is monitored;When data center breaks down, for IT O&M alarm system by warning light, the mode of short message or wechat is logical
Know IT operation maintenance personnel.But since mobile phone terminal can not provide complicated operational capacity, the O&M side IT in the prior art
Formula, IT operation maintenance personnel is if it is intended to whether the service condition for initiatively understanding O&M object is normal, if there are when security risk,
The complexity of O&M operation results in operation maintenance personnel and is merely able to carry out investigation one by one by workbench;And mobile phone cannot be passed through
Terminal is handled at once, this just needs IT operation maintenance personnel that must reach workbench to complete complicated O&M operation, is caused
Inconvenience during O&M.
Based on this, the embodiment of the present application provides a kind of IT O&M method and system, and IT operation maintenance personnel can pass through movement
Client monitors O&M object in real time, real-time O&M, and can complete complicated O&M operation, expands maintenance work people
Monitoring range of the member to O&M object.It is described below by embodiment.
Shown in Figure 1, the embodiment of the present application provides a kind of IT O&M control system, the system include server 101 and
Client 102;
The client 102 is communicated to connect with the server 101;
The client 102 generates O&M control request, and O&M control request is sent to server 101;Institute
It states in O&M control request and carries O&M control instruction and service token;
The server 101 is used to receive the O&M control request of the transmission of client 102;It is taken in the O&M control request
With service token and O&M control instruction;The client 102 is authenticated based on the service token, and is being authenticated
By rear, according to the O&M control instruction, obtain and execute O&M process control foot corresponding with the O&M control instruction
This.
O&M control request refers to that client 102 initiates the request controlled O&M object, O&M to server 101
Service token and control instruction are carried in control request.Service token is for authenticating client 102, O&M control
Instruction is used to indicate the specific tasks that the needs of server 101 are executed according to client demand.Client 102 can be mobile whole
End, such as the intelligent mobile terminals such as mobile phone, tablet computer, are also possible to Specialised mobile terminal.
Specifically, server 101 can realize the authentication to client 102 using following manner:It is saved in server 101
There is information relevant to service token, and one can be generated for verifying client according to information relevant to service token
The service verification token of service token transmitted by end 102, then the two is compared, if the two is consistent, the authentication is passed,
The final authentication realized to client 102.
Herein, server 101 is to the authentication of client 102, and there are several types of implementations:
One:Server 101 and client 102 pre-save the User Identity of client, and set in advance
It is equipped with the identical service token generation method based on timestamp.Client 102 is when game server 101 for the first time, meeting
Its identity is sent to server 101;Server carries out body to client according to the User Identity that client is sent
Part verifying, and after authentication passes through, the User Identity of client is saved.
Before client 102 sends O&M control request to server 101, timestamp based on current time and
Its identity generates service token based on preset service token generation method, and by the service token and timestamp of generation
It carries in O&M control request, O&M control request is sent to server 101.Server is receiving client transmission
After O&M control request, based on the identity of the timestamp carried and client in O&M control request, and based on identical
Service token generation method generate service verification token, and the service token that carries and local terminal in O&M control request are generated
Service verification token be compared, if the two is consistent, the authentication is passed.
Herein, it should be noted that client during being interacted with server, entrained service token,
The information such as identity, timestamp can be encrypted using preset network code key in advance;Server is receiving these
After information, the preset network code key decryption, identity and service token after being decrypted can be used.
Secondly:Service token be when server 101 to client 102 carry out authentication pass through after, client 102
Feedback according to server 101 is generated, is used for the realization of server 101 to the authentication of client 102.
Specifically, its body user part mark can be sent to clothes when game server 101 for the first time by client 102
Business device 101;Server carries out authentication to client according to the identity that client is sent, and passes through in authentication
Afterwards, the User Identity of client is saved.Pass through in addition, server 101 carries out authentication to client 102
Afterwards, target string can be generated at random, the target string of generation is saved with corresponding User Identity, and by mesh
Mark character string feeds back to client 102.Wherein, the character string for the fixed digit that target string can be randomly generated,
It is also possible to the character string of random digit, is used to indicate client 102 and generates service token.
Client 101 can be based on preset algorithm, according to the use after receiving the target string of server feedback
Family identity and the target string generate the service token.
Before client 102 sends O&M control request to server 101, the service token of generation can be carried and transported
In dimension control request, O&M control request is sent to server 101.Server is in the O&M control for receiving client transmission
After request, based on the User Identity for carrying client in O&M control request, target character corresponding with the user is obtained
String, and service verification token is generated based on the preset algorithm for generating service token identical with client, and by O&M control
The service verification token that the service token and local terminal carried in system request generates is compared, if the two is consistent, authentication is logical
It crosses.
Herein, during carrying out data interaction with server, the User Identity etc. transmitted is all client
It is encrypted using default network key.
In addition, the embodiment of the present application also provides a kind of detailed process of authentication:
Each operation maintenance personnel being monitored using client 102 to O&M object is owned by respective user identity
Mark, User Identity are used for before being monitored to O&M object, carry out authentication.Client 102 uses default
Netkey User Identity is encrypted, and by encrypted User Identity carry in authentication request
In, it is sent to server 101.Herein, request is used to indicate server 101 and carries out authentication to user after authentication.
After server 101 receives the authentication request of the transmission of client 102, preset netkey pair will use
Encrypted User Identity is decrypted in authentication request, obtains User Identity.User Identity is used to
The identity of identity user, user can be IT maintenance work personnel, and IT maintenance work personnel are by client 102 to O&M object
It is controlled.The method of authentication herein can be, and the identity based on the key pair user to have made an appointment is verified,
Namely User Identity is one group of password, user has the client 102 of password to submit by user by input or by keeping
With the jointly owned password of server 101, when password is consistent, then subscriber authentication passes through.
Herein, netkey is server 101 and the key that client 102 consults in advance, and for safety, network is close
Key also will do it irregular update, and prevention attacker carries out malicious attack.
After authentication passes through, server 101 will carry out permission grant to client 102.Herein, to client 102
It is authorized, that is, when client 102 is monitored O&M object next time, it is only necessary to be verified using service token
Whether client 102 there is permission to be monitored to O&M object.
In above-mentioned one, server 101 can be and anti-to client by the permission that possesses for the open client of client
Feedback is verified information, to realize the authorization to client;In above-mentioned two, server 101 is carrying out authentication to client
By rear, target string can be generated at random, and target string is sent to client 102, target string can indicate visitor
Family end 102 generates service token namely client 102 is authorized to successfully.
When the client 102 of authorization requests to control O&M object again, server 101 need according to client
The service token carried in the O&M control request that end 102 is sent authenticates client 102.
Specifically, in IT O&M control system provided by the embodiments of the present application, the server is specifically used for according to following
Step authenticates the client:
The User Identity is decrypted using the default netkey, obtains the user identity of decryption
Mark, and according to the User Identity of acquisition, obtain the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification is generated based on the preset algorithm and is enabled
Board;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
When specific implementation, encrypted User Identity is decrypted using preset netkey, is obtained
User Identity after to decryption, and target string corresponding with User Identity is obtained according to User Identity,
Target string is spliced with corresponding User Identity, reuses AES encryption algorithm, using target string as plus
Key encrypts splicing character string, generates service verification token, and O&M is controlled to service token and clothes in request
Business verifying token is compared, if the two is consistent, the authentication is passed, if the two is inconsistent, server 101 is needed this client
102 identity information is recorded.
Herein, preset algorithm can be set according to actual use demand, generally, can be added using symmetric key
Close algorithm, ciphering process and decrypting process use target string corresponding with User Identity, the preset algorithm can be with
For:Advanced Encryption Standard (Advanced Encryption Standard, AES) Encryption Algorithm, data encryption standards (Data
Encryption Standard, DES) etc..
Such as:Target string is randomly generated one 16 character strings, by target string and corresponding user's body
Part mark is spliced, and is reused AES encryption algorithm, using target string as encryption key, is added to splicing character string
It is close.
Herein, service token is consistent with the generation method of service verification token, repeats place, is not repeating.
At this point, it should be noted that needing will be objective when the comparison of both service token and service verification token is inconsistent
102 identification information of family end is recorded.Wherein, 102 identification information of client is used to identify the identity of client 102, carries
Server 101 is sent in O&M control request.
When the comparison of both service token and service verification token is inconsistent, that is, the authentication to client 102 does not pass through
When, can 102 identification information of client to client 102 carry out record preservation, and detect this client 102 whether be attack visitor
Family end 102.
Server 101 can send the number of O&M control request to server 101 within a certain period of time according to client 102
Whether detection client 102 is attack client 102.Server 101 preserves preset time and preset amount threshold, when
Client 102 is received within a preset time sends the number of O&M control request more than preset quantity threshold to server 101
After value, then it is assumed that, this client 102 is attack client 102.
Such as:Server 101 is set in the time that client 102 in 1 minute sends O&M control request to server 101
More than 10 times, then it is assumed that client 102 is attack client 102.
When detecting client 102 to attack client 102, the corresponding client 102 for attacking client 102 can be marked
Know information and be added to attack protection processing list item, and attack protection processing list item is issued to the interface for receiving O&M control request, when
It, can be according to the mark letter of client 102 carried in O&M control request when the O&M of interface to client 102 controls request
It ceases and is inquired with 102 identification information of client in attack protection processing list item, if in the O&M control that this client 102 is sent
102 identification information of client of carrying can be handled in list item in attack protection and be inquired, then it is assumed that this client 102 is attack visitor
The O&M control request at family end 102, the corresponding client 102 is dropped.
After to client 102, the authentication is passed, server 101 can also control the O&M control carried in request based on O&M
System instruction, obtains and executes O&M process control script corresponding with O&M control instruction.
Specifically, herein, O&M control instruction can be the label for capableing of markup information, such as:Number, letter are simple
Label.Different O&M control scripts are corresponding with different functions, such as:Whether status of equipment in monitoring room checks application
It is abnormal, change air conditioner in machine room temperature, issue security strategy, disposes common business, computing resource dilatation, business gray scale is issued, therefore
Barrier alarm, the functions such as performance alarm;Corresponding different function, it is corresponding with O&M control instruction respectively.
For example, O&M control instruction is number, number 1 is corresponding with computing resource dilatation, receives when server 101
When O&M control instruction is 1, then server 101 can call script corresponding with computing resource dilatation function, execute computing resource
The function of dilatation.Front end exploitation can either be made to become lightweight, also can be realized when O&M control instruction is by hacker attack,
According only to number, the business function interface of server 101 can not be interpreted.
In addition, server 101 corresponds to different O&M process control script mark labels in advance, with O&M control instruction phase
It is corresponding, after receiving O&M control instruction, it will be able to obtain corresponding O&M according to O&M control instruction and control script.O&M
Control script can be Python script, Ansible script, Java script (JavaScript, JS), Visual Basic
Script (server-side of analytical type, VBScript), ActionScript (ActionScript, AS), dynamic state server page 101
Face (Active Server Page, ASP), 101 page of Java server (Java Server Pages, JSP), supertext
It pre-processes language (Hypertext Preprocessor, PHP), structured query language (Structured Query
Language, SQL), command line interpreter (Shell) script is any one in Power Shell script, Linux Shell script
Kind, it is also possible in above-mentioned script, a different script is combined, the function of different script executions is different, such as:Python foot
Originally the function of fault alarm, performance alarm can be executed;Ansible script can execute the common business of deployment, computing resource expands
Hold, the function of business gray scale publication.
The embodiment of the present application is by carrying out authentication, and pair based on service token Yu service verification token to user
Than after the authentication of client, calling O&M to control script according to O&M control instruction, and execute the function of O&M control script
Can, O&M object can be controlled, and then IT operation maintenance personnel can monitor O&M object in real time by client,
Real-time O&M, and complicated O&M operation can be completed, expand maintenance work personnel to the monitoring range of O&M object.
Example:
O&M control flow chart shown in Figure 2 is the App initiation logging request installed from client first, namely
Authentication request and O&M control request are sent to server, after server is according to authentication request, user is carried out
Authentication;After authentication passes through, client is authorized, if authentication fails, is entered by this user record
Audit log;If authentication passes through, client is authorized.
When user end to server sends O&M control instruction, server is obtained and is executed according to O&M control instruction
O&M controls script.
When controlling using mobile phone O&M object, application program (Application, App) is installed on mobile phone,
And O&M object is controlled by App.
The case where O&M controllers can obtain data center's monitoring room by the Log Analysis System on mobile phone A pp,
It, can the when there is any problem when data center's monitoring at any time it can be found that the concrete condition of data center's monitoring room
One time-triggered protocol problem.O&M controllers do not need to be monitored data center on the large-size screen monitors of monitoring room yet, Ke Yitong
It crosses App and sends the O&M that O&M control instruction carries out visual O&M, the O&M of automation and class of alarming, energy to server
It enough realizes network O&M, applied business and the safe visualization of application, can also be realized by a key in App
Deployment, O&M and the inspection of O&M object, a key carry out device failure alert, the functions such as room environment monitoring.
Based on the same inventive concept, IT O&M control corresponding with IT O&M control system is additionally provided in the embodiment of the present invention
Method processed, the above-mentioned IT of principle and the embodiment of the present invention solved the problems, such as due to the IT O&M control method in the embodiment of the present invention are transported
It is similar to tie up control system, therefore the implementation of IT O&M control method may refer to the implementation of IT O&M control system, repeats place
It repeats no more.
Firstly, being that server is illustrated IT O&M method from executing subject.
Shown in Figure 3, the embodiment of the present application provides a kind of IT O&M control method, and this method includes the following steps
S301-S302;
S301:It receives the O&M that client is sent and controls request;Carried in the O&M control request service token with
And O&M control instruction;
S302:The client is authenticated based on the service token, and after the authentication is passed, according to the O&M
Control instruction obtains and executes O&M process control script corresponding with the O&M control instruction.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
Receive the authentication request that client is sent;It is carried in the authentication request using default netkey
The User Identity of encryption;
The User Identity is decrypted using the default netkey, obtains the user identity of decryption
Mark, and authentication is carried out to user according to the User Identity of decryption, and be described after authentication passes through
Client carries out permission grant.
Optionally, described to be awarded for client progress permission in IT O&M control method provided by the embodiments of the present application
Power, specifically includes:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption,
And the target string is sent to client;
The target string is used to indicate the client according to the target string and the user identity mark
Know, the service token is generated based on preset algorithm.
Optionally, shown in Figure 4, IT O&M control method provided by the embodiments of the present application, with specific reference to following step
S401-S404 is based on the service token and authenticates to the client:
S401:The User Identity is decrypted using the default netkey, obtains the use of decryption
Family identity, and according to the User Identity of acquisition, obtain the target of preservation corresponding with the User Identity
Character string;
S402:According to the target string and the User Identity, service is generated based on the preset algorithm
Verify token;
S403:The service token and the service verification token that carry in O&M control request are compared;
S404:If the two is consistent, the authentication is passed.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
In the O&M control request, client identification information is also carried;
After authentication does not pass through, the client identification information carried in the O&M control request is recorded;
And the client identification information carried in the O&M control request based on record, whether detect the client
To attack client;
If so, the identification information based on the client, carries out attack protection processing to the client.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
According to the client identification information of record, detecting distance receives the same client in the current preset time
Whether the quantity of the O&M control request at end reaches preset amount threshold;
If reaching, which is determined as to attack client.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued
To the interface for receiving the O&M control request, so that the interface is in the O&M control request for receiving the client transmission
Afterwards, identification information and attack protection processing list item based on the client carried in O&M control request, by the fortune
Dimension control request abandons.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
The target string and the User Identity are spliced, generate splicing character string, and with the mesh
Mark character string is encryption key, is encrypted using preset algorithm to the splicing character string, generates the service verification token.
It is below that client is illustrated IT O&M method from executing subject:
Shown in Figure 5, the embodiment of the present application also provides another kind IT O&M control method, includes the following steps S501-
S502:
S501:O&M control request is generated, O&M control instruction is carried in the O&M control request and service enables
Board;
S502:The O&M control request is sent to server;
Wherein, the service token is authenticated for the server;The O&M control instruction is used for the service
Device, according to the O&M control instruction, obtains after the authentication is passed and executes O&M process corresponding with the O&M control instruction
Control script.
Optionally, another kind IT O&M control method provided by the embodiments of the present application specifically includes:
Generate authentication request;User's body using default netkey encryption is carried in the authentication request
Part mark;
The authentication request is sent to the server;
The generation authentication request is used to indicate the server using the default netkey to the user
Identity is decrypted, and obtains the User Identity of decryption, and according to the User Identity of decryption to
Family carries out authentication, and after authentication passes through, and carries out permission grant for the client.
Optionally, another kind IT O&M control method provided by the embodiments of the present application specifically includes:
Receive the target string that server is sent;
According to the target string and the User Identity, service token is generated based on the preset algorithm.
Corresponding to the IT O&M control method in above-described embodiment, the embodiment of the present application also provides a kind of computer equipments
600, as shown in fig. 6, the equipment includes memory 61, processor 62 and is stored on the memory 61 and can be in the processor 62
The computer program of upper operation, wherein above-mentioned processor 62 realizes above-mentioned IT O&M controlling party when executing above-mentioned computer program
The step of method.
Specifically, above-mentioned memory 61 and processor 62 can be general memory and processor, not do here specific
It limits, when the computer program of 62 run memory 61 of processor storage, is able to carry out above-mentioned IT O&M control method, IT fortune
Dimension personnel can monitor O&M object in real time by client, real-time O&M, and can complete complicated O&M operation,
Expand maintenance work personnel to the monitoring range of O&M object.
IT O&M control method, the embodiment of the present application also provides a kind of computer readable storage mediums, which can
It reads to be stored with computer program on storage medium, which executes above-mentioned IT O&M control method when being run by processor
The step of.
Specifically, which can be general storage medium, such as mobile disk, hard disk, on the storage medium
Computer program when being run, be able to carry out above-mentioned IT O&M control method, IT operation maintenance personnel can be by client to fortune
Dimensional object is monitored in real time, real-time O&M, and can complete complicated O&M operation, expands maintenance work personnel to O&M pair
The monitoring range of elephant.
The computer program product of IT O&M control method and system, including storage are carried out provided by the embodiment of the present application
The computer readable storage medium of program code, the instruction that said program code includes can be used for executing previous methods embodiment
Described in method, specific implementation can be found in embodiment of the method, details are not described herein.
In embodiment provided herein, it should be understood that disclosed device and method, it can be by others side
Formula is realized.The apparatus embodiments described above are merely exemplary, for example, the division of the unit, only one kind are patrolled
Function division is collected, there may be another division manner in actual implementation, in another example, multiple units or components can combine or can
To be integrated into another system, or some features can be ignored or not executed.Another point, shown or discussed is mutual
Coupling, direct-coupling or communication connection can be INDIRECT COUPLING or communication link by some communication interfaces, device or unit
It connects, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
In addition, each functional unit in embodiment provided by the present application can integrate in one processing unit, it can also
To be that each unit physically exists alone, can also be integrated in one unit with two or more units.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product
It is stored in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially in other words
The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a
People's computer, server or network equipment etc.) execute each embodiment the method for the application all or part of the steps.
And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited
The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing, in addition, term " the
One ", " second ", " third " etc. are only used for distinguishing description, are not understood to indicate or imply relative importance.
Finally it should be noted that:Embodiment described above, the only specific embodiment of the application, to illustrate the application
Technical solution, rather than its limitations, the protection scope of the application is not limited thereto, although with reference to the foregoing embodiments to this Shen
It please be described in detail, those skilled in the art should understand that:Anyone skilled in the art
Within the technical scope of the present application, it can still modify to technical solution documented by previous embodiment or can be light
It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make
The essence of corresponding technical solution is detached from the spirit and scope of the embodiment of the present application technical solution.The protection in the application should all be covered
Within the scope of.Therefore, the protection scope of the application shall be subject to the protection scope of the claim.
Claims (19)
1. a kind of IT O&M control system, which is characterized in that the system includes server and client;
The client is connect with the server communication;
The client is sent to server for generating O&M control request, and by O&M control request;The O&M
O&M control instruction and service token are carried in control request;
The server, for receiving the O&M control request of client transmission;Service is carried in the O&M control request
Token and O&M control instruction;The client is authenticated based on the service token, and after the authentication is passed, according to
The O&M control instruction obtains and executes O&M process control script corresponding with the O&M control instruction.
2. system according to claim 1, which is characterized in that the client is also used to:Generate authentication request;
The User Identity using default netkey encryption is carried in the authentication request;By the authentication request
It is sent to the server;
The server, is also used to:Receive the authentication request that client is sent;Carrying in the authentication request makes
The User Identity encrypted with default netkey;The User Identity is solved using the default netkey
It is close, the User Identity of decryption is obtained, and authentication is carried out to user according to the User Identity of decryption,
And after authentication passes through, permission grant is carried out for the client.
3. system according to claim 2, which is characterized in that the server is specifically used for according to following step being described
Client carries out permission grant:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption, and
The target string is sent to client;
The target string, is used to indicate the client according to the target string and the User Identity,
The service token is generated based on preset algorithm;
And
The client is also used to:Receive the target string that server is sent;
Based on preset algorithm, the service token is generated according to the User Identity and the target string.
4. system according to claim 3, which is characterized in that the server is specifically used for according to following step to described
Client is authenticated:
The User Identity is decrypted using the default netkey, obtains the user identity mark of decryption
Know, and according to the User Identity of acquisition, obtains the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification token is generated based on the preset algorithm;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
5. system according to claim 1, which is characterized in that in the O&M control request, also carry client mark
Know information;
The server is also used to, and after authentication does not pass through, records the client mark carried in the O&M control request
Know information;
And the client identification information carried in the O&M control request based on record, detect whether the client is to attack
Hit client;
If so, the identification information based on the client, carries out attack protection processing to the client.
6. system according to claim 5, which is characterized in that the server is specifically used for being based on note by following step
The client identification information carried in the O&M control request of record detects whether the client is attack client:
According to the identification information of the client of record, detecting distance receives the same client in the current preset time
O&M control request quantity whether reach preset amount threshold;
If reaching, which is determined as to attack client.
7. system according to claim 5, which is characterized in that the server is specifically used for being based on institute by following step
The identification information for stating client carries out attack protection processing to the client:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued to and is connect
The interface of O&M control request is received, so that the interface is after receiving the O&M control request that the client is sent,
Identification information and attack protection processing list item based on the client carried in O&M control request, by the O&M control
System request abandons.
8. system according to claim 4, which is characterized in that the server is specifically used for through following step according to institute
Target string and the User Identity are stated, service verification token is generated based on the preset algorithm:
The target string and the User Identity are spliced, generate splicing character string, and with the target word
Symbol string is encryption key, is encrypted using predetermined encryption algorithm to the splicing character string, generates the service verification token.
9. a kind of IT O&M control method, which is characterized in that
It receives the O&M that client is sent and controls request;Service token and O&M control are carried in the O&M control request
Instruction;
The client is authenticated based on the service token, and after the authentication is passed, according to the O&M control instruction,
It obtains and executes O&M process control script corresponding with the O&M control instruction.
10. according to the method described in claim 9, it is characterized in that, this method further includes:
Receive the authentication request that client is sent;It carries in the authentication request and is encrypted using default netkey
User Identity;
The User Identity is decrypted using the default netkey, obtains the user identity mark of decryption
Know, and authentication is carried out to user according to the User Identity of decryption, and after authentication passes through, is the visitor
Family end carries out permission grant.
11. according to the method described in claim 10, it is characterized in that, described carry out permission grant for the client, specifically
Including:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption, and
The target string is sent to client;
The target string, is used to indicate the client according to the target string and the User Identity,
The service token is generated based on preset algorithm.
12. according to the method for claim 11, which is characterized in that in the O&M control request, also carry using institute
State the User Identity of default netkey encryption;
It is described that the client is authenticated based on the service token, it specifically includes:
The User Identity is decrypted using the default netkey, obtains the user identity mark of decryption
Know, and according to the User Identity of acquisition, obtains the target string of preservation corresponding with the User Identity;
According to the target string and the User Identity, service verification token is generated based on the preset algorithm;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
13. according to the method described in claim 9, it is characterized in that, also carrying client mark in O&M control request
Know information;
The method also includes:After authentication does not pass through, the client identification letter carried in the O&M control request is recorded
Breath;
And the client identification information carried in the O&M control request based on record, detect whether the client is to attack
Hit client;
If so, the identification information based on the client, carries out attack protection processing to the client.
14. according to the method for claim 13, which is characterized in that carried in the O&M control request based on record
Client identification information detects whether the client is attack client, specifically includes:
According to the client identification information of record, detecting distance receives the same client in the current preset time
Whether the quantity of O&M control request reaches preset amount threshold;
If reaching, which is determined as to attack client.
15. according to the method for claim 13, which is characterized in that the identification information based on the client, to the visitor
Family end carries out attack protection processing, specifically includes:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued to and is connect
The interface of O&M control request is received, so that the interface is after receiving the O&M control request that the client is sent,
Identification information and attack protection processing list item based on the client carried in O&M control request, by the O&M control
System request abandons.
16. according to the method for claim 12, which is characterized in that described according to the target string and the user
Identity generates service verification token based on the preset algorithm, specifically includes:
The target string and the User Identity are spliced, generate splicing character string, and with the target word
Symbol string is encryption key, is encrypted using preset algorithm to the splicing character string, generates the service verification token.
17. a kind of IT O&M control method, which is characterized in that
O&M control request is generated, carries O&M control instruction and service token in the O&M control request;
The O&M control request is sent to server;
Wherein, the service token is authenticated for the server;The O&M control instruction exists for the server
According to the O&M control instruction after the authentication is passed, obtains and execute O&M process control corresponding with the O&M control instruction
Script.
18. according to the method for claim 17, which is characterized in that further include:
Generate authentication request;The user identity mark using default netkey encryption is carried in the authentication request
Know;
The authentication request is sent to the server;
The generation authentication request is used to indicate the server using the default netkey to the user identity
Mark is decrypted, and obtains the User Identity of decryption, and according to the User Identity of decryption to user into
Row authentication, and after authentication passes through, permission grant is carried out for the client.
19. according to the method for claim 17, which is characterized in that further include:
Receive the target string that server is sent;
According to the target string and the User Identity, service token is generated based on the preset algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810788852.XA CN108880912A (en) | 2018-07-18 | 2018-07-18 | A kind of IT O&M control system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810788852.XA CN108880912A (en) | 2018-07-18 | 2018-07-18 | A kind of IT O&M control system and method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108880912A true CN108880912A (en) | 2018-11-23 |
Family
ID=64303129
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810788852.XA Pending CN108880912A (en) | 2018-07-18 | 2018-07-18 | A kind of IT O&M control system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108880912A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109871671A (en) * | 2018-12-15 | 2019-06-11 | 中国平安人寿保险股份有限公司 | O&M script execution, device, electronic equipment and storage medium |
CN111061555A (en) * | 2019-12-22 | 2020-04-24 | 济南浪潮数据技术有限公司 | Operation and maintenance method based on infrastructure and related device |
CN111555920A (en) * | 2020-04-29 | 2020-08-18 | 江苏恒信和安电子科技有限公司 | Intelligent operation and maintenance method, system, equipment and user side |
CN112464175A (en) * | 2020-11-11 | 2021-03-09 | 中国建设银行股份有限公司 | Script auditing and executing method, system, equipment and storage medium |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101848085A (en) * | 2009-03-25 | 2010-09-29 | 华为技术有限公司 | Communication system, verification device, and verification and signature method for message identity |
CN101873298A (en) * | 2009-04-21 | 2010-10-27 | 华为软件技术有限公司 | Registration method, terminal, server and system |
CN102013001B (en) * | 2010-12-06 | 2013-05-01 | 苏州国芯科技有限公司 | Card reader with authentication function and authentication method thereof |
CN105871796A (en) * | 2015-11-18 | 2016-08-17 | 乐视致新电子科技(天津)有限公司 | Router binding and controlling method and device |
CN106101079A (en) * | 2016-05-31 | 2016-11-09 | 努比亚技术有限公司 | A kind of method and system realizing encrypted signature |
CN106610845A (en) * | 2015-10-23 | 2017-05-03 | 北京国双科技有限公司 | Information management method, device, server and system |
CN106844137A (en) * | 2016-12-08 | 2017-06-13 | 腾讯科技(深圳)有限公司 | The monitoring method and device of server |
US20170195460A1 (en) * | 2016-01-06 | 2017-07-06 | Adobe Systems Incorporated | Robust computing device identification framework |
CN107465644A (en) * | 2016-06-03 | 2017-12-12 | 中兴通讯股份有限公司 | Data transmission method, data transmission client and data transmission actuator |
CN107547225A (en) * | 2016-06-28 | 2018-01-05 | 中兴通讯股份有限公司 | network element management method, device and mobile terminal |
-
2018
- 2018-07-18 CN CN201810788852.XA patent/CN108880912A/en active Pending
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101848085A (en) * | 2009-03-25 | 2010-09-29 | 华为技术有限公司 | Communication system, verification device, and verification and signature method for message identity |
CN101873298A (en) * | 2009-04-21 | 2010-10-27 | 华为软件技术有限公司 | Registration method, terminal, server and system |
CN102013001B (en) * | 2010-12-06 | 2013-05-01 | 苏州国芯科技有限公司 | Card reader with authentication function and authentication method thereof |
CN106610845A (en) * | 2015-10-23 | 2017-05-03 | 北京国双科技有限公司 | Information management method, device, server and system |
CN105871796A (en) * | 2015-11-18 | 2016-08-17 | 乐视致新电子科技(天津)有限公司 | Router binding and controlling method and device |
US20170195460A1 (en) * | 2016-01-06 | 2017-07-06 | Adobe Systems Incorporated | Robust computing device identification framework |
CN106101079A (en) * | 2016-05-31 | 2016-11-09 | 努比亚技术有限公司 | A kind of method and system realizing encrypted signature |
CN107465644A (en) * | 2016-06-03 | 2017-12-12 | 中兴通讯股份有限公司 | Data transmission method, data transmission client and data transmission actuator |
CN107547225A (en) * | 2016-06-28 | 2018-01-05 | 中兴通讯股份有限公司 | network element management method, device and mobile terminal |
CN106844137A (en) * | 2016-12-08 | 2017-06-13 | 腾讯科技(深圳)有限公司 | The monitoring method and device of server |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109871671A (en) * | 2018-12-15 | 2019-06-11 | 中国平安人寿保险股份有限公司 | O&M script execution, device, electronic equipment and storage medium |
CN111061555A (en) * | 2019-12-22 | 2020-04-24 | 济南浪潮数据技术有限公司 | Operation and maintenance method based on infrastructure and related device |
CN111555920A (en) * | 2020-04-29 | 2020-08-18 | 江苏恒信和安电子科技有限公司 | Intelligent operation and maintenance method, system, equipment and user side |
CN111555920B (en) * | 2020-04-29 | 2022-12-06 | 江苏恒信和安电子科技有限公司 | Intelligent operation and maintenance method, system, equipment and user side |
CN112464175A (en) * | 2020-11-11 | 2021-03-09 | 中国建设银行股份有限公司 | Script auditing and executing method, system, equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3219068B1 (en) | Method of identifying and counteracting internet attacks | |
CN108880912A (en) | A kind of IT O&M control system and method | |
CN104969231B (en) | The Password-proxy of security challenge auxiliary | |
CN114900338B (en) | Encryption and decryption method, device, equipment and medium | |
CN107342984A (en) | A kind of system, method and device for apparatus bound | |
CN106790238A (en) | It is a kind of to forge CSRF defence authentication method and device across station request | |
CN106487767A (en) | The update method of checking information and device | |
CN105554098A (en) | Device configuration method, server and system | |
CN109479056A (en) | For establishing the method and firewall system that arrive the communication connection of safety of industrial automation system | |
US20180302437A1 (en) | Methods of identifying and counteracting internet attacks | |
Jain et al. | Session hijacking: Threat analysis and countermeasures | |
CN114301705A (en) | Industrial control defense method and system based on trusted computing | |
CN110225038B (en) | Method, device and system for industrial information security | |
KR101206854B1 (en) | Authentication system and method based by unique identifier | |
CN110166471A (en) | A kind of portal authentication method and device | |
CN107251520A (en) | Method for the polymerization authentication protocol in M2M communication | |
CN107920044A (en) | A kind of safe verification method and device | |
CN108347411B (en) | Unified security guarantee method, firewall system, equipment and storage medium | |
CN110139163A (en) | A kind of method and relevant apparatus obtaining barrage | |
Darmawan et al. | Json web token penetration testing on cookie storage with csrf techniques | |
EP2888689B1 (en) | Data verification | |
US10931713B1 (en) | Passive detection of genuine web browsers based on security parameters | |
CN109886011A (en) | A kind of safety protecting method and device | |
KR101334771B1 (en) | surveillance system and method for authentication procedure based by unique identifier | |
CN113885425A (en) | Industrial field PLC network safety operation and maintenance method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |