CN108880912A - A kind of IT O&M control system and method - Google Patents

A kind of IT O&M control system and method Download PDF

Info

Publication number
CN108880912A
CN108880912A CN201810788852.XA CN201810788852A CN108880912A CN 108880912 A CN108880912 A CN 108880912A CN 201810788852 A CN201810788852 A CN 201810788852A CN 108880912 A CN108880912 A CN 108880912A
Authority
CN
China
Prior art keywords
client
user identity
control
server
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810788852.XA
Other languages
Chinese (zh)
Inventor
刘浩
邱迪
魏建勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Holyzone Polytron Technologies Inc
Original Assignee
Beijing Holyzone Polytron Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Holyzone Polytron Technologies Inc filed Critical Beijing Holyzone Polytron Technologies Inc
Priority to CN201810788852.XA priority Critical patent/CN108880912A/en
Publication of CN108880912A publication Critical patent/CN108880912A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/22Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

This application provides a kind of IT O&M control system and methods, wherein the system includes:The system includes server and client;The client is connect with the server communication;The client is sent to server for generating O&M control request, and by O&M control request;O&M control instruction and service token are carried in the O&M control request;The server, for receiving the O&M control request of client transmission;Service token and O&M control instruction are carried in the O&M control request;The client is authenticated based on the service token, and after the authentication is passed, according to the O&M control instruction, obtains and execute O&M process control script corresponding with the O&M control instruction.IT operation maintenance personnel can monitor O&M object in real time by client, real-time O&M, and can complete complicated O&M operation, expand maintenance work personnel to the monitoring range of O&M object.

Description

A kind of IT O&M control system and method
Technical field
This application involves internet areas, in particular to a kind of IT O&M control system and method.
Background technique
In internet, Internet technology (Internet Technology, IT) O&M early has become important in IT service Component part.Currently, IT operation maintenance personnel is by workbench, such as data center monitoring screen, to service condition and safety Risk is monitored;When data center breaks down, IT O&M alarm system passes through warning light, the side of short message or wechat Formula notifies IT operation maintenance personnel.
But since mobile phone terminal can not provide complicated operational capacity, IT O&M mode in the prior art, IT Operation maintenance personnel is if it is intended to whether the service condition for initiatively understanding O&M object is normal, if there are when security risk, O&M The complexity of operation results in operation maintenance personnel and is merely able to carry out investigation one by one by workbench;And mobile phone terminal cannot be passed through It is handled at once, this just needs IT operation maintenance personnel that must reach workbench to complete complicated O&M operation, causes fortune Inconvenience during dimension.
Summary of the invention
In view of this, the application be designed to provide a kind of IT O&M control system and method, IT operation maintenance personnel are not necessarily to In fixed workbench, it will be able to complete complicated O&M operation, expand maintenance work personnel to the monitoring model of O&M object It encloses.
In a first aspect, the embodiment of the present application provides a kind of IT O&M control system, which includes server and client End;
The client is connect with the server communication;
The client is sent to server for generating O&M control request, and by O&M control request;It is described O&M control instruction and service token are carried in O&M control request;
The server, for receiving the O&M control request of client transmission;It is carried in the O&M control request Service token and O&M control instruction;The client is authenticated based on the service token, and after the authentication is passed, According to the O&M control instruction, obtains and execute O&M process control script corresponding with the O&M control instruction.
With reference to first aspect, the embodiment of the present application provides the first possible embodiment of first aspect,
The client, is also used to:Generate authentication request;It is carried in the authentication request using default net The User Identity of network key encryption;The authentication request is sent to the server;
The server, is also used to:Receive the authentication request that client is sent;It is carried in the authentication request There is the User Identity using default netkey encryption;Using the default netkey to the User Identity into Row decryption obtains the User Identity of decryption, and carries out identity to user according to the User Identity of decryption Verifying, and after authentication passes through, permission grant is carried out for the client.
The possible embodiment of with reference to first aspect the first, the embodiment of the present application provide second of first aspect Possible embodiment, wherein
The server is specifically used for being that the client carries out permission grant according to following step:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption, And the target string is sent to client;
The target string is used to indicate the client according to the target string and the user identity mark Know, the service token is generated based on preset algorithm;
And
The client is also used to:Receive the target string that server is sent;
Based on preset algorithm, the service token is generated according to the User Identity and the target string.
The possible embodiment of second with reference to first aspect, the embodiment of the present application provide the third of first aspect Possible embodiment, wherein
In the O&M control request, the User Identity using the default netkey encryption is also carried;
It is described that the client is authenticated based on the service token, it specifically includes:
The User Identity is decrypted using the default netkey, obtains the user identity of decryption Mark, and according to the User Identity of acquisition, obtain the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification is generated based on the preset algorithm and is enabled Board;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
With reference to first aspect, the embodiment of the present application provides the 4th kind of possible embodiment of first aspect, wherein institute It states in O&M control request, also carries client identification information;
The server is also used to, and after authentication does not pass through, records the client carried in the O&M control request Hold identification information;
And the client identification information carried in the O&M control request based on record, whether detect the client To attack client;
If so, the identification information based on the client, carries out attack protection processing to the client.
The 4th kind of possible embodiment with reference to first aspect, the embodiment of the present application provide first aspect the 5th kind can The embodiment of energy, wherein
The server is specifically used for through following step based on the client mark carried in the O&M control request of record Know information, detects whether the client is attack client:
According to the identification information of the client of record, detecting distance receives the same visitor in the current preset time Whether the quantity of the O&M control request at family end reaches preset amount threshold;
If reaching, which is determined as to attack client.
The 4th kind of possible embodiment with reference to first aspect, the embodiment of the present application provide first aspect the 6th kind can The embodiment of energy, wherein
The server is specifically used for through identification information of the following step based on the client, to the client into The processing of row attack protection:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued To the interface for receiving the O&M control request, so that the interface is in the O&M control request for receiving the client transmission Afterwards, identification information and attack protection processing list item based on the client carried in O&M control request, by the fortune Dimension control request abandons.
The third possible embodiment with reference to first aspect, the embodiment of the present application provides can in the 7th of first aspect The embodiment of energy, wherein the server is specifically used for through following step according to the target string and the use Family identity generates service verification token based on the preset algorithm:
The target string and the User Identity are spliced, generate splicing character string, and with the mesh Mark character string is encryption key, is encrypted using predetermined encryption algorithm to the splicing character string, generates the service verification Token.
Second aspect, the embodiment of the present application also provides a kind of IT O&M control methods, including,
It receives the O&M that client is sent and controls request;Service token and O&M are carried in the O&M control request Control instruction;
The client is authenticated based on the service token, and after the authentication is passed, is controlled according to the O&M Instruction, obtains and executes O&M process control script corresponding with the O&M control instruction.
In conjunction with second aspect, the embodiment of the present application provides the first possible embodiment of first aspect,
Receive the authentication request that client is sent;It is carried in the authentication request using default netkey The User Identity of encryption;
The User Identity is decrypted using the default netkey, obtains the user identity of decryption Mark, and authentication is carried out to user according to the User Identity of decryption, and be described after authentication passes through Client carries out permission grant.
In conjunction with the first possible embodiment of second aspect, the embodiment of the present application provides second of first aspect Possible embodiment, wherein
It is described to carry out permission grant for the client, it specifically includes:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption, And the target string is sent to client;
The target string is used to indicate the client according to the target string and the user identity mark Know, the service token is generated based on preset algorithm.
In conjunction with second of possible embodiment of second aspect, the embodiment of the present application provides the third of first aspect Possible embodiment, wherein
In the O&M control request, the User Identity using the default netkey encryption is also carried;
It is described that the client is authenticated based on the service token, it specifically includes:
The User Identity is decrypted using the default netkey, obtains the user identity of decryption Mark, and according to the User Identity of acquisition, obtain the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification is generated based on the preset algorithm and is enabled Board;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
In conjunction with second aspect, the embodiment of the present application provides the 4th kind of possible embodiment of first aspect, wherein
In the O&M control request, client identification information is also carried;
The method also includes:After authentication does not pass through, the client mark carried in the O&M control request is recorded Know information;
And the client identification information carried in the O&M control request based on record, whether detect the client To attack client;
If so, the identification information based on the client, carries out attack protection processing to the client.
In conjunction with the 4th kind of possible embodiment of second aspect, the embodiment of the present application provide first aspect the 5th kind can The embodiment of energy, wherein
The client identification information that carries in the O&M control request based on record, detect the client whether be Client is attacked, is specifically included:
According to the identification information of the client of record, detecting distance receives the same visitor in the current preset time Whether the quantity of the O&M control request at family end reaches preset amount threshold;
If reaching, which is determined as to attack client.
In conjunction with the 4th kind of possible embodiment of second aspect, the embodiment of the present application provide first aspect the 6th kind can The embodiment of energy, wherein
Based on the identification information of the client, attack protection processing is carried out to the client, is specifically included:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued To the interface for receiving the O&M control request, so that the interface is in the O&M control request for receiving the client transmission Afterwards, identification information and attack protection processing list item based on the client carried in O&M control request, by the fortune Dimension control request abandons.
In conjunction with the third possible embodiment of second aspect, the embodiment of the present application provides can in the 7th of first aspect Can embodiment, wherein it is described according to the target string and the User Identity, be based on the preset algorithm Service verification token is generated, is specifically included:
The target string and the User Identity are spliced, generate splicing character string, and with the mesh Mark character string is encryption key, is encrypted using predetermined encryption algorithm to the splicing character string, generates the service verification Token.
In conjunction with second aspect, the embodiment of the present application provides the first possible embodiment of first aspect,
Receive the authentication request that client is sent;It is carried in the authentication request using default netkey The User Identity of encryption;
The User Identity is decrypted using the default netkey, obtains the user identity of decryption Mark, and authentication is carried out to user according to the User Identity of decryption, and be described after authentication passes through Client carries out permission grant.
In conjunction with the first possible embodiment of second aspect, the embodiment of the present application provides second of first aspect Possible embodiment, wherein
It is described to carry out permission grant for the client, it specifically includes:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption, And the target string is sent to client;
The target string is used to indicate the client according to the target string and the user identity mark Know, the service token is generated based on preset algorithm.
In conjunction with second of possible embodiment of second aspect, the embodiment of the present application provides the third of first aspect Possible embodiment, wherein
In the O&M control request, the User Identity using the default netkey encryption is also carried;
It is described that the client is authenticated based on the service token, it specifically includes:
The User Identity is decrypted using the default netkey, obtains the user identity of decryption Mark, and according to the User Identity of acquisition, obtain the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification is generated based on the preset algorithm and is enabled Board;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
In conjunction with second aspect, the embodiment of the present application provides the 4th kind of possible embodiment of first aspect, wherein
In the O&M control request, client identification information is also carried;
The method also includes:After authentication does not pass through, the client mark carried in the O&M control request is recorded Know information;
And the client identification information carried in the O&M control request based on record, whether detect the client To attack client;
If so, the identification information based on the client, carries out attack protection processing to the client.
In conjunction with the 4th kind of possible embodiment of second aspect, the embodiment of the present application provide first aspect the 5th kind can The embodiment of energy, wherein
The client identification information that carries in the O&M control request based on record, detect the client whether be Client is attacked, is specifically included:
According to the identification information of the client of record, detecting distance receives the same visitor in the current preset time Whether the quantity of the O&M control request at family end reaches preset amount threshold;
If reaching, which is determined as to attack client.
In conjunction with the 4th kind of possible embodiment of second aspect, the embodiment of the present application provide first aspect the 6th kind can The embodiment of energy, wherein
Based on the identification information of the client, attack protection processing is carried out to the client, is specifically included:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued To the interface for receiving the O&M control request, so that the interface is in the O&M control request for receiving the client transmission Afterwards, identification information and attack protection processing list item based on the client carried in O&M control request, by the fortune Dimension control request abandons.
In conjunction with the third possible embodiment of second aspect, the embodiment of the present application provides can in the 7th of first aspect Can embodiment, wherein it is described according to the target string and the User Identity, be based on the preset algorithm Service verification token is generated, is specifically included:
The target string and the User Identity are spliced, generate splicing character string, and with the mesh Mark character string is encryption key, is encrypted using predetermined encryption algorithm to the splicing character string, generates the service verification Token.
The third aspect, the embodiment of the present application also provides a kind of IT O&M control methods, including,
O&M control request is generated, carries O&M control instruction and service token in the O&M control request;
The O&M control request is sent to server;
Wherein, the service token is authenticated for the server;The O&M control instruction is used for the service Device, according to the O&M control instruction, obtains after the authentication is passed and executes O&M process corresponding with the O&M control instruction Control script.
In conjunction with the third aspect, the embodiment of the present application provides the first possible embodiment of second aspect, wherein
Generate authentication request;User's body using default netkey encryption is carried in the authentication request Part mark;
The authentication request is sent to the server;
The generation authentication request is used to indicate the server using the default netkey to the user Identity is decrypted, and obtains the User Identity of decryption, and according to the User Identity of decryption to Family carries out authentication, and after authentication passes through, and carries out permission grant for the client.
In conjunction with the first possible embodiment of the third aspect, the embodiment of the present application provides second of second aspect Possible embodiment, wherein
Receive the target string that server is sent;
According to the target string and the User Identity, service token is generated based on the preset algorithm.
A kind of IT O&M method and system provided by the embodiments of the present application, can be and right by installing software in client After client carries out authentication, according to the service token of client, client is authenticated, after authenticating successfully, according to visitor The O&M that family end is sent controls request call O&M process control script, and IT operation maintenance personnel is not necessarily in fixed workbench, right O&M object is monitored in real time, real-time O&M, and can complete complicated O&M operation, expands maintenance work personnel to O&M The monitoring range of object.
To enable the above objects, features, and advantages of the application to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate Appended attached drawing, is described in detail below.
Detailed description of the invention
Technical solution in ord to more clearly illustrate embodiments of the present application, below will be to needed in the embodiment attached Figure is briefly described, it should be understood that the following drawings illustrates only some embodiments of the application, therefore is not construed as pair The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this A little attached drawings obtain other relevant attached drawings.
Fig. 1 shows a kind of structural schematic diagram of IT O&M control system provided by the embodiment of the present application;
Fig. 2 shows a kind of O&Ms provided by the embodiment of the present application to control exemplary specific flow chart;
Fig. 3 shows a kind of flow diagram of IT O&M control method provided by the embodiment of the present application;
Fig. 4 shows the flow diagram of another kind IT O&M control method provided by the embodiment of the present application;
Fig. 5 shows another IT O&M control method flow diagram provided by the embodiment of the present application;
Fig. 6 shows a kind of structural schematic diagram of computer equipment provided by the embodiment of the present application.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application Middle attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only It is some embodiments of the present application, instead of all the embodiments.The application being usually described and illustrated herein in the accompanying drawings is real The component for applying example can be arranged and be designed with a variety of different configurations.Therefore, below to the application's provided in the accompanying drawings The detailed description of embodiment is not intended to limit claimed scope of the present application, but is merely representative of the selected reality of the application Apply example.Based on embodiments herein, those skilled in the art institute obtained without making creative work There are other embodiments, shall fall in the protection scope of this application.
Currently, IT operation maintenance personnel is by workbench, such as data center monitoring screen, to service condition and security risk It is monitored;When data center breaks down, for IT O&M alarm system by warning light, the mode of short message or wechat is logical Know IT operation maintenance personnel.But since mobile phone terminal can not provide complicated operational capacity, the O&M side IT in the prior art Formula, IT operation maintenance personnel is if it is intended to whether the service condition for initiatively understanding O&M object is normal, if there are when security risk, The complexity of O&M operation results in operation maintenance personnel and is merely able to carry out investigation one by one by workbench;And mobile phone cannot be passed through Terminal is handled at once, this just needs IT operation maintenance personnel that must reach workbench to complete complicated O&M operation, is caused Inconvenience during O&M.
Based on this, the embodiment of the present application provides a kind of IT O&M method and system, and IT operation maintenance personnel can pass through movement Client monitors O&M object in real time, real-time O&M, and can complete complicated O&M operation, expands maintenance work people Monitoring range of the member to O&M object.It is described below by embodiment.
Shown in Figure 1, the embodiment of the present application provides a kind of IT O&M control system, the system include server 101 and Client 102;
The client 102 is communicated to connect with the server 101;
The client 102 generates O&M control request, and O&M control request is sent to server 101;Institute It states in O&M control request and carries O&M control instruction and service token;
The server 101 is used to receive the O&M control request of the transmission of client 102;It is taken in the O&M control request With service token and O&M control instruction;The client 102 is authenticated based on the service token, and is being authenticated By rear, according to the O&M control instruction, obtain and execute O&M process control foot corresponding with the O&M control instruction This.
O&M control request refers to that client 102 initiates the request controlled O&M object, O&M to server 101 Service token and control instruction are carried in control request.Service token is for authenticating client 102, O&M control Instruction is used to indicate the specific tasks that the needs of server 101 are executed according to client demand.Client 102 can be mobile whole End, such as the intelligent mobile terminals such as mobile phone, tablet computer, are also possible to Specialised mobile terminal.
Specifically, server 101 can realize the authentication to client 102 using following manner:It is saved in server 101 There is information relevant to service token, and one can be generated for verifying client according to information relevant to service token The service verification token of service token transmitted by end 102, then the two is compared, if the two is consistent, the authentication is passed, The final authentication realized to client 102.
Herein, server 101 is to the authentication of client 102, and there are several types of implementations:
One:Server 101 and client 102 pre-save the User Identity of client, and set in advance It is equipped with the identical service token generation method based on timestamp.Client 102 is when game server 101 for the first time, meeting Its identity is sent to server 101;Server carries out body to client according to the User Identity that client is sent Part verifying, and after authentication passes through, the User Identity of client is saved.
Before client 102 sends O&M control request to server 101, timestamp based on current time and Its identity generates service token based on preset service token generation method, and by the service token and timestamp of generation It carries in O&M control request, O&M control request is sent to server 101.Server is receiving client transmission After O&M control request, based on the identity of the timestamp carried and client in O&M control request, and based on identical Service token generation method generate service verification token, and the service token that carries and local terminal in O&M control request are generated Service verification token be compared, if the two is consistent, the authentication is passed.
Herein, it should be noted that client during being interacted with server, entrained service token, The information such as identity, timestamp can be encrypted using preset network code key in advance;Server is receiving these After information, the preset network code key decryption, identity and service token after being decrypted can be used.
Secondly:Service token be when server 101 to client 102 carry out authentication pass through after, client 102 Feedback according to server 101 is generated, is used for the realization of server 101 to the authentication of client 102.
Specifically, its body user part mark can be sent to clothes when game server 101 for the first time by client 102 Business device 101;Server carries out authentication to client according to the identity that client is sent, and passes through in authentication Afterwards, the User Identity of client is saved.Pass through in addition, server 101 carries out authentication to client 102 Afterwards, target string can be generated at random, the target string of generation is saved with corresponding User Identity, and by mesh Mark character string feeds back to client 102.Wherein, the character string for the fixed digit that target string can be randomly generated, It is also possible to the character string of random digit, is used to indicate client 102 and generates service token.
Client 101 can be based on preset algorithm, according to the use after receiving the target string of server feedback Family identity and the target string generate the service token.
Before client 102 sends O&M control request to server 101, the service token of generation can be carried and transported In dimension control request, O&M control request is sent to server 101.Server is in the O&M control for receiving client transmission After request, based on the User Identity for carrying client in O&M control request, target character corresponding with the user is obtained String, and service verification token is generated based on the preset algorithm for generating service token identical with client, and by O&M control The service verification token that the service token and local terminal carried in system request generates is compared, if the two is consistent, authentication is logical It crosses.
Herein, during carrying out data interaction with server, the User Identity etc. transmitted is all client It is encrypted using default network key.
In addition, the embodiment of the present application also provides a kind of detailed process of authentication:
Each operation maintenance personnel being monitored using client 102 to O&M object is owned by respective user identity Mark, User Identity are used for before being monitored to O&M object, carry out authentication.Client 102 uses default Netkey User Identity is encrypted, and by encrypted User Identity carry in authentication request In, it is sent to server 101.Herein, request is used to indicate server 101 and carries out authentication to user after authentication.
After server 101 receives the authentication request of the transmission of client 102, preset netkey pair will use Encrypted User Identity is decrypted in authentication request, obtains User Identity.User Identity is used to The identity of identity user, user can be IT maintenance work personnel, and IT maintenance work personnel are by client 102 to O&M object It is controlled.The method of authentication herein can be, and the identity based on the key pair user to have made an appointment is verified, Namely User Identity is one group of password, user has the client 102 of password to submit by user by input or by keeping With the jointly owned password of server 101, when password is consistent, then subscriber authentication passes through.
Herein, netkey is server 101 and the key that client 102 consults in advance, and for safety, network is close Key also will do it irregular update, and prevention attacker carries out malicious attack.
After authentication passes through, server 101 will carry out permission grant to client 102.Herein, to client 102 It is authorized, that is, when client 102 is monitored O&M object next time, it is only necessary to be verified using service token Whether client 102 there is permission to be monitored to O&M object.
In above-mentioned one, server 101 can be and anti-to client by the permission that possesses for the open client of client Feedback is verified information, to realize the authorization to client;In above-mentioned two, server 101 is carrying out authentication to client By rear, target string can be generated at random, and target string is sent to client 102, target string can indicate visitor Family end 102 generates service token namely client 102 is authorized to successfully.
When the client 102 of authorization requests to control O&M object again, server 101 need according to client The service token carried in the O&M control request that end 102 is sent authenticates client 102.
Specifically, in IT O&M control system provided by the embodiments of the present application, the server is specifically used for according to following Step authenticates the client:
The User Identity is decrypted using the default netkey, obtains the user identity of decryption Mark, and according to the User Identity of acquisition, obtain the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification is generated based on the preset algorithm and is enabled Board;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
When specific implementation, encrypted User Identity is decrypted using preset netkey, is obtained User Identity after to decryption, and target string corresponding with User Identity is obtained according to User Identity, Target string is spliced with corresponding User Identity, reuses AES encryption algorithm, using target string as plus Key encrypts splicing character string, generates service verification token, and O&M is controlled to service token and clothes in request Business verifying token is compared, if the two is consistent, the authentication is passed, if the two is inconsistent, server 101 is needed this client 102 identity information is recorded.
Herein, preset algorithm can be set according to actual use demand, generally, can be added using symmetric key Close algorithm, ciphering process and decrypting process use target string corresponding with User Identity, the preset algorithm can be with For:Advanced Encryption Standard (Advanced Encryption Standard, AES) Encryption Algorithm, data encryption standards (Data Encryption Standard, DES) etc..
Such as:Target string is randomly generated one 16 character strings, by target string and corresponding user's body Part mark is spliced, and is reused AES encryption algorithm, using target string as encryption key, is added to splicing character string It is close.
Herein, service token is consistent with the generation method of service verification token, repeats place, is not repeating.
At this point, it should be noted that needing will be objective when the comparison of both service token and service verification token is inconsistent 102 identification information of family end is recorded.Wherein, 102 identification information of client is used to identify the identity of client 102, carries Server 101 is sent in O&M control request.
When the comparison of both service token and service verification token is inconsistent, that is, the authentication to client 102 does not pass through When, can 102 identification information of client to client 102 carry out record preservation, and detect this client 102 whether be attack visitor Family end 102.
Server 101 can send the number of O&M control request to server 101 within a certain period of time according to client 102 Whether detection client 102 is attack client 102.Server 101 preserves preset time and preset amount threshold, when Client 102 is received within a preset time sends the number of O&M control request more than preset quantity threshold to server 101 After value, then it is assumed that, this client 102 is attack client 102.
Such as:Server 101 is set in the time that client 102 in 1 minute sends O&M control request to server 101 More than 10 times, then it is assumed that client 102 is attack client 102.
When detecting client 102 to attack client 102, the corresponding client 102 for attacking client 102 can be marked Know information and be added to attack protection processing list item, and attack protection processing list item is issued to the interface for receiving O&M control request, when It, can be according to the mark letter of client 102 carried in O&M control request when the O&M of interface to client 102 controls request It ceases and is inquired with 102 identification information of client in attack protection processing list item, if in the O&M control that this client 102 is sent 102 identification information of client of carrying can be handled in list item in attack protection and be inquired, then it is assumed that this client 102 is attack visitor The O&M control request at family end 102, the corresponding client 102 is dropped.
After to client 102, the authentication is passed, server 101 can also control the O&M control carried in request based on O&M System instruction, obtains and executes O&M process control script corresponding with O&M control instruction.
Specifically, herein, O&M control instruction can be the label for capableing of markup information, such as:Number, letter are simple Label.Different O&M control scripts are corresponding with different functions, such as:Whether status of equipment in monitoring room checks application It is abnormal, change air conditioner in machine room temperature, issue security strategy, disposes common business, computing resource dilatation, business gray scale is issued, therefore Barrier alarm, the functions such as performance alarm;Corresponding different function, it is corresponding with O&M control instruction respectively.
For example, O&M control instruction is number, number 1 is corresponding with computing resource dilatation, receives when server 101 When O&M control instruction is 1, then server 101 can call script corresponding with computing resource dilatation function, execute computing resource The function of dilatation.Front end exploitation can either be made to become lightweight, also can be realized when O&M control instruction is by hacker attack, According only to number, the business function interface of server 101 can not be interpreted.
In addition, server 101 corresponds to different O&M process control script mark labels in advance, with O&M control instruction phase It is corresponding, after receiving O&M control instruction, it will be able to obtain corresponding O&M according to O&M control instruction and control script.O&M Control script can be Python script, Ansible script, Java script (JavaScript, JS), Visual Basic Script (server-side of analytical type, VBScript), ActionScript (ActionScript, AS), dynamic state server page 101 Face (Active Server Page, ASP), 101 page of Java server (Java Server Pages, JSP), supertext It pre-processes language (Hypertext Preprocessor, PHP), structured query language (Structured Query Language, SQL), command line interpreter (Shell) script is any one in Power Shell script, Linux Shell script Kind, it is also possible in above-mentioned script, a different script is combined, the function of different script executions is different, such as:Python foot Originally the function of fault alarm, performance alarm can be executed;Ansible script can execute the common business of deployment, computing resource expands Hold, the function of business gray scale publication.
The embodiment of the present application is by carrying out authentication, and pair based on service token Yu service verification token to user Than after the authentication of client, calling O&M to control script according to O&M control instruction, and execute the function of O&M control script Can, O&M object can be controlled, and then IT operation maintenance personnel can monitor O&M object in real time by client, Real-time O&M, and complicated O&M operation can be completed, expand maintenance work personnel to the monitoring range of O&M object.
Example:
O&M control flow chart shown in Figure 2 is the App initiation logging request installed from client first, namely Authentication request and O&M control request are sent to server, after server is according to authentication request, user is carried out Authentication;After authentication passes through, client is authorized, if authentication fails, is entered by this user record Audit log;If authentication passes through, client is authorized.
When user end to server sends O&M control instruction, server is obtained and is executed according to O&M control instruction O&M controls script.
When controlling using mobile phone O&M object, application program (Application, App) is installed on mobile phone, And O&M object is controlled by App.
The case where O&M controllers can obtain data center's monitoring room by the Log Analysis System on mobile phone A pp, It, can the when there is any problem when data center's monitoring at any time it can be found that the concrete condition of data center's monitoring room One time-triggered protocol problem.O&M controllers do not need to be monitored data center on the large-size screen monitors of monitoring room yet, Ke Yitong It crosses App and sends the O&M that O&M control instruction carries out visual O&M, the O&M of automation and class of alarming, energy to server It enough realizes network O&M, applied business and the safe visualization of application, can also be realized by a key in App Deployment, O&M and the inspection of O&M object, a key carry out device failure alert, the functions such as room environment monitoring.
Based on the same inventive concept, IT O&M control corresponding with IT O&M control system is additionally provided in the embodiment of the present invention Method processed, the above-mentioned IT of principle and the embodiment of the present invention solved the problems, such as due to the IT O&M control method in the embodiment of the present invention are transported It is similar to tie up control system, therefore the implementation of IT O&M control method may refer to the implementation of IT O&M control system, repeats place It repeats no more.
Firstly, being that server is illustrated IT O&M method from executing subject.
Shown in Figure 3, the embodiment of the present application provides a kind of IT O&M control method, and this method includes the following steps S301-S302;
S301:It receives the O&M that client is sent and controls request;Carried in the O&M control request service token with And O&M control instruction;
S302:The client is authenticated based on the service token, and after the authentication is passed, according to the O&M Control instruction obtains and executes O&M process control script corresponding with the O&M control instruction.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
Receive the authentication request that client is sent;It is carried in the authentication request using default netkey The User Identity of encryption;
The User Identity is decrypted using the default netkey, obtains the user identity of decryption Mark, and authentication is carried out to user according to the User Identity of decryption, and be described after authentication passes through Client carries out permission grant.
Optionally, described to be awarded for client progress permission in IT O&M control method provided by the embodiments of the present application Power, specifically includes:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption, And the target string is sent to client;
The target string is used to indicate the client according to the target string and the user identity mark Know, the service token is generated based on preset algorithm.
Optionally, shown in Figure 4, IT O&M control method provided by the embodiments of the present application, with specific reference to following step S401-S404 is based on the service token and authenticates to the client:
S401:The User Identity is decrypted using the default netkey, obtains the use of decryption Family identity, and according to the User Identity of acquisition, obtain the target of preservation corresponding with the User Identity Character string;
S402:According to the target string and the User Identity, service is generated based on the preset algorithm Verify token;
S403:The service token and the service verification token that carry in O&M control request are compared;
S404:If the two is consistent, the authentication is passed.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
In the O&M control request, client identification information is also carried;
After authentication does not pass through, the client identification information carried in the O&M control request is recorded;
And the client identification information carried in the O&M control request based on record, whether detect the client To attack client;
If so, the identification information based on the client, carries out attack protection processing to the client.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
According to the client identification information of record, detecting distance receives the same client in the current preset time Whether the quantity of the O&M control request at end reaches preset amount threshold;
If reaching, which is determined as to attack client.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued To the interface for receiving the O&M control request, so that the interface is in the O&M control request for receiving the client transmission Afterwards, identification information and attack protection processing list item based on the client carried in O&M control request, by the fortune Dimension control request abandons.
Optionally, IT O&M control method provided by the embodiments of the present application specifically includes:
The target string and the User Identity are spliced, generate splicing character string, and with the mesh Mark character string is encryption key, is encrypted using preset algorithm to the splicing character string, generates the service verification token.
It is below that client is illustrated IT O&M method from executing subject:
Shown in Figure 5, the embodiment of the present application also provides another kind IT O&M control method, includes the following steps S501- S502:
S501:O&M control request is generated, O&M control instruction is carried in the O&M control request and service enables Board;
S502:The O&M control request is sent to server;
Wherein, the service token is authenticated for the server;The O&M control instruction is used for the service Device, according to the O&M control instruction, obtains after the authentication is passed and executes O&M process corresponding with the O&M control instruction Control script.
Optionally, another kind IT O&M control method provided by the embodiments of the present application specifically includes:
Generate authentication request;User's body using default netkey encryption is carried in the authentication request Part mark;
The authentication request is sent to the server;
The generation authentication request is used to indicate the server using the default netkey to the user Identity is decrypted, and obtains the User Identity of decryption, and according to the User Identity of decryption to Family carries out authentication, and after authentication passes through, and carries out permission grant for the client.
Optionally, another kind IT O&M control method provided by the embodiments of the present application specifically includes:
Receive the target string that server is sent;
According to the target string and the User Identity, service token is generated based on the preset algorithm.
Corresponding to the IT O&M control method in above-described embodiment, the embodiment of the present application also provides a kind of computer equipments 600, as shown in fig. 6, the equipment includes memory 61, processor 62 and is stored on the memory 61 and can be in the processor 62 The computer program of upper operation, wherein above-mentioned processor 62 realizes above-mentioned IT O&M controlling party when executing above-mentioned computer program The step of method.
Specifically, above-mentioned memory 61 and processor 62 can be general memory and processor, not do here specific It limits, when the computer program of 62 run memory 61 of processor storage, is able to carry out above-mentioned IT O&M control method, IT fortune Dimension personnel can monitor O&M object in real time by client, real-time O&M, and can complete complicated O&M operation, Expand maintenance work personnel to the monitoring range of O&M object.
IT O&M control method, the embodiment of the present application also provides a kind of computer readable storage mediums, which can It reads to be stored with computer program on storage medium, which executes above-mentioned IT O&M control method when being run by processor The step of.
Specifically, which can be general storage medium, such as mobile disk, hard disk, on the storage medium Computer program when being run, be able to carry out above-mentioned IT O&M control method, IT operation maintenance personnel can be by client to fortune Dimensional object is monitored in real time, real-time O&M, and can complete complicated O&M operation, expands maintenance work personnel to O&M pair The monitoring range of elephant.
The computer program product of IT O&M control method and system, including storage are carried out provided by the embodiment of the present application The computer readable storage medium of program code, the instruction that said program code includes can be used for executing previous methods embodiment Described in method, specific implementation can be found in embodiment of the method, details are not described herein.
In embodiment provided herein, it should be understood that disclosed device and method, it can be by others side Formula is realized.The apparatus embodiments described above are merely exemplary, for example, the division of the unit, only one kind are patrolled Function division is collected, there may be another division manner in actual implementation, in another example, multiple units or components can combine or can To be integrated into another system, or some features can be ignored or not executed.Another point, shown or discussed is mutual Coupling, direct-coupling or communication connection can be INDIRECT COUPLING or communication link by some communication interfaces, device or unit It connects, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.
In addition, each functional unit in embodiment provided by the present application can integrate in one processing unit, it can also To be that each unit physically exists alone, can also be integrated in one unit with two or more units.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially in other words The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a People's computer, server or network equipment etc.) execute each embodiment the method for the application all or part of the steps. And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing, in addition, term " the One ", " second ", " third " etc. are only used for distinguishing description, are not understood to indicate or imply relative importance.
Finally it should be noted that:Embodiment described above, the only specific embodiment of the application, to illustrate the application Technical solution, rather than its limitations, the protection scope of the application is not limited thereto, although with reference to the foregoing embodiments to this Shen It please be described in detail, those skilled in the art should understand that:Anyone skilled in the art Within the technical scope of the present application, it can still modify to technical solution documented by previous embodiment or can be light It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make The essence of corresponding technical solution is detached from the spirit and scope of the embodiment of the present application technical solution.The protection in the application should all be covered Within the scope of.Therefore, the protection scope of the application shall be subject to the protection scope of the claim.

Claims (19)

1. a kind of IT O&M control system, which is characterized in that the system includes server and client;
The client is connect with the server communication;
The client is sent to server for generating O&M control request, and by O&M control request;The O&M O&M control instruction and service token are carried in control request;
The server, for receiving the O&M control request of client transmission;Service is carried in the O&M control request Token and O&M control instruction;The client is authenticated based on the service token, and after the authentication is passed, according to The O&M control instruction obtains and executes O&M process control script corresponding with the O&M control instruction.
2. system according to claim 1, which is characterized in that the client is also used to:Generate authentication request; The User Identity using default netkey encryption is carried in the authentication request;By the authentication request It is sent to the server;
The server, is also used to:Receive the authentication request that client is sent;Carrying in the authentication request makes The User Identity encrypted with default netkey;The User Identity is solved using the default netkey It is close, the User Identity of decryption is obtained, and authentication is carried out to user according to the User Identity of decryption, And after authentication passes through, permission grant is carried out for the client.
3. system according to claim 2, which is characterized in that the server is specifically used for according to following step being described Client carries out permission grant:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption, and The target string is sent to client;
The target string, is used to indicate the client according to the target string and the User Identity, The service token is generated based on preset algorithm;
And
The client is also used to:Receive the target string that server is sent;
Based on preset algorithm, the service token is generated according to the User Identity and the target string.
4. system according to claim 3, which is characterized in that the server is specifically used for according to following step to described Client is authenticated:
The User Identity is decrypted using the default netkey, obtains the user identity mark of decryption Know, and according to the User Identity of acquisition, obtains the target string of preservation corresponding with the identity;
According to the target string and the User Identity, service verification token is generated based on the preset algorithm;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
5. system according to claim 1, which is characterized in that in the O&M control request, also carry client mark Know information;
The server is also used to, and after authentication does not pass through, records the client mark carried in the O&M control request Know information;
And the client identification information carried in the O&M control request based on record, detect whether the client is to attack Hit client;
If so, the identification information based on the client, carries out attack protection processing to the client.
6. system according to claim 5, which is characterized in that the server is specifically used for being based on note by following step The client identification information carried in the O&M control request of record detects whether the client is attack client:
According to the identification information of the client of record, detecting distance receives the same client in the current preset time O&M control request quantity whether reach preset amount threshold;
If reaching, which is determined as to attack client.
7. system according to claim 5, which is characterized in that the server is specifically used for being based on institute by following step The identification information for stating client carries out attack protection processing to the client:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued to and is connect The interface of O&M control request is received, so that the interface is after receiving the O&M control request that the client is sent, Identification information and attack protection processing list item based on the client carried in O&M control request, by the O&M control System request abandons.
8. system according to claim 4, which is characterized in that the server is specifically used for through following step according to institute Target string and the User Identity are stated, service verification token is generated based on the preset algorithm:
The target string and the User Identity are spliced, generate splicing character string, and with the target word Symbol string is encryption key, is encrypted using predetermined encryption algorithm to the splicing character string, generates the service verification token.
9. a kind of IT O&M control method, which is characterized in that
It receives the O&M that client is sent and controls request;Service token and O&M control are carried in the O&M control request Instruction;
The client is authenticated based on the service token, and after the authentication is passed, according to the O&M control instruction, It obtains and executes O&M process control script corresponding with the O&M control instruction.
10. according to the method described in claim 9, it is characterized in that, this method further includes:
Receive the authentication request that client is sent;It carries in the authentication request and is encrypted using default netkey User Identity;
The User Identity is decrypted using the default netkey, obtains the user identity mark of decryption Know, and authentication is carried out to user according to the User Identity of decryption, and after authentication passes through, is the visitor Family end carries out permission grant.
11. according to the method described in claim 10, it is characterized in that, described carry out permission grant for the client, specifically Including:
It is random to generate target string, the target string is subjected to corresponding preservation with the User Identity of decryption, and The target string is sent to client;
The target string, is used to indicate the client according to the target string and the User Identity, The service token is generated based on preset algorithm.
12. according to the method for claim 11, which is characterized in that in the O&M control request, also carry using institute State the User Identity of default netkey encryption;
It is described that the client is authenticated based on the service token, it specifically includes:
The User Identity is decrypted using the default netkey, obtains the user identity mark of decryption Know, and according to the User Identity of acquisition, obtains the target string of preservation corresponding with the User Identity;
According to the target string and the User Identity, service verification token is generated based on the preset algorithm;
The service token and the service verification token that carry in O&M control request are compared;
If the two is consistent, the authentication is passed.
13. according to the method described in claim 9, it is characterized in that, also carrying client mark in O&M control request Know information;
The method also includes:After authentication does not pass through, the client identification letter carried in the O&M control request is recorded Breath;
And the client identification information carried in the O&M control request based on record, detect whether the client is to attack Hit client;
If so, the identification information based on the client, carries out attack protection processing to the client.
14. according to the method for claim 13, which is characterized in that carried in the O&M control request based on record Client identification information detects whether the client is attack client, specifically includes:
According to the client identification information of record, detecting distance receives the same client in the current preset time Whether the quantity of O&M control request reaches preset amount threshold;
If reaching, which is determined as to attack client.
15. according to the method for claim 13, which is characterized in that the identification information based on the client, to the visitor Family end carries out attack protection processing, specifically includes:
The identification information of the client is added to attack protection processing list item, and attack protection processing list item is issued to and is connect The interface of O&M control request is received, so that the interface is after receiving the O&M control request that the client is sent, Identification information and attack protection processing list item based on the client carried in O&M control request, by the O&M control System request abandons.
16. according to the method for claim 12, which is characterized in that described according to the target string and the user Identity generates service verification token based on the preset algorithm, specifically includes:
The target string and the User Identity are spliced, generate splicing character string, and with the target word Symbol string is encryption key, is encrypted using preset algorithm to the splicing character string, generates the service verification token.
17. a kind of IT O&M control method, which is characterized in that
O&M control request is generated, carries O&M control instruction and service token in the O&M control request;
The O&M control request is sent to server;
Wherein, the service token is authenticated for the server;The O&M control instruction exists for the server According to the O&M control instruction after the authentication is passed, obtains and execute O&M process control corresponding with the O&M control instruction Script.
18. according to the method for claim 17, which is characterized in that further include:
Generate authentication request;The user identity mark using default netkey encryption is carried in the authentication request Know;
The authentication request is sent to the server;
The generation authentication request is used to indicate the server using the default netkey to the user identity Mark is decrypted, and obtains the User Identity of decryption, and according to the User Identity of decryption to user into Row authentication, and after authentication passes through, permission grant is carried out for the client.
19. according to the method for claim 17, which is characterized in that further include:
Receive the target string that server is sent;
According to the target string and the User Identity, service token is generated based on the preset algorithm.
CN201810788852.XA 2018-07-18 2018-07-18 A kind of IT O&M control system and method Pending CN108880912A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810788852.XA CN108880912A (en) 2018-07-18 2018-07-18 A kind of IT O&M control system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810788852.XA CN108880912A (en) 2018-07-18 2018-07-18 A kind of IT O&M control system and method

Publications (1)

Publication Number Publication Date
CN108880912A true CN108880912A (en) 2018-11-23

Family

ID=64303129

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810788852.XA Pending CN108880912A (en) 2018-07-18 2018-07-18 A kind of IT O&M control system and method

Country Status (1)

Country Link
CN (1) CN108880912A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109871671A (en) * 2018-12-15 2019-06-11 中国平安人寿保险股份有限公司 O&M script execution, device, electronic equipment and storage medium
CN111061555A (en) * 2019-12-22 2020-04-24 济南浪潮数据技术有限公司 Operation and maintenance method based on infrastructure and related device
CN111555920A (en) * 2020-04-29 2020-08-18 江苏恒信和安电子科技有限公司 Intelligent operation and maintenance method, system, equipment and user side
CN112464175A (en) * 2020-11-11 2021-03-09 中国建设银行股份有限公司 Script auditing and executing method, system, equipment and storage medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848085A (en) * 2009-03-25 2010-09-29 华为技术有限公司 Communication system, verification device, and verification and signature method for message identity
CN101873298A (en) * 2009-04-21 2010-10-27 华为软件技术有限公司 Registration method, terminal, server and system
CN102013001B (en) * 2010-12-06 2013-05-01 苏州国芯科技有限公司 Card reader with authentication function and authentication method thereof
CN105871796A (en) * 2015-11-18 2016-08-17 乐视致新电子科技(天津)有限公司 Router binding and controlling method and device
CN106101079A (en) * 2016-05-31 2016-11-09 努比亚技术有限公司 A kind of method and system realizing encrypted signature
CN106610845A (en) * 2015-10-23 2017-05-03 北京国双科技有限公司 Information management method, device, server and system
CN106844137A (en) * 2016-12-08 2017-06-13 腾讯科技(深圳)有限公司 The monitoring method and device of server
US20170195460A1 (en) * 2016-01-06 2017-07-06 Adobe Systems Incorporated Robust computing device identification framework
CN107465644A (en) * 2016-06-03 2017-12-12 中兴通讯股份有限公司 Data transmission method, data transmission client and data transmission actuator
CN107547225A (en) * 2016-06-28 2018-01-05 中兴通讯股份有限公司 network element management method, device and mobile terminal

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848085A (en) * 2009-03-25 2010-09-29 华为技术有限公司 Communication system, verification device, and verification and signature method for message identity
CN101873298A (en) * 2009-04-21 2010-10-27 华为软件技术有限公司 Registration method, terminal, server and system
CN102013001B (en) * 2010-12-06 2013-05-01 苏州国芯科技有限公司 Card reader with authentication function and authentication method thereof
CN106610845A (en) * 2015-10-23 2017-05-03 北京国双科技有限公司 Information management method, device, server and system
CN105871796A (en) * 2015-11-18 2016-08-17 乐视致新电子科技(天津)有限公司 Router binding and controlling method and device
US20170195460A1 (en) * 2016-01-06 2017-07-06 Adobe Systems Incorporated Robust computing device identification framework
CN106101079A (en) * 2016-05-31 2016-11-09 努比亚技术有限公司 A kind of method and system realizing encrypted signature
CN107465644A (en) * 2016-06-03 2017-12-12 中兴通讯股份有限公司 Data transmission method, data transmission client and data transmission actuator
CN107547225A (en) * 2016-06-28 2018-01-05 中兴通讯股份有限公司 network element management method, device and mobile terminal
CN106844137A (en) * 2016-12-08 2017-06-13 腾讯科技(深圳)有限公司 The monitoring method and device of server

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109871671A (en) * 2018-12-15 2019-06-11 中国平安人寿保险股份有限公司 O&M script execution, device, electronic equipment and storage medium
CN111061555A (en) * 2019-12-22 2020-04-24 济南浪潮数据技术有限公司 Operation and maintenance method based on infrastructure and related device
CN111555920A (en) * 2020-04-29 2020-08-18 江苏恒信和安电子科技有限公司 Intelligent operation and maintenance method, system, equipment and user side
CN111555920B (en) * 2020-04-29 2022-12-06 江苏恒信和安电子科技有限公司 Intelligent operation and maintenance method, system, equipment and user side
CN112464175A (en) * 2020-11-11 2021-03-09 中国建设银行股份有限公司 Script auditing and executing method, system, equipment and storage medium

Similar Documents

Publication Publication Date Title
EP3219068B1 (en) Method of identifying and counteracting internet attacks
CN108880912A (en) A kind of IT O&M control system and method
CN104969231B (en) The Password-proxy of security challenge auxiliary
CN114900338B (en) Encryption and decryption method, device, equipment and medium
CN107342984A (en) A kind of system, method and device for apparatus bound
CN106790238A (en) It is a kind of to forge CSRF defence authentication method and device across station request
CN106487767A (en) The update method of checking information and device
CN105554098A (en) Device configuration method, server and system
CN109479056A (en) For establishing the method and firewall system that arrive the communication connection of safety of industrial automation system
US20180302437A1 (en) Methods of identifying and counteracting internet attacks
Jain et al. Session hijacking: Threat analysis and countermeasures
CN114301705A (en) Industrial control defense method and system based on trusted computing
CN110225038B (en) Method, device and system for industrial information security
KR101206854B1 (en) Authentication system and method based by unique identifier
CN110166471A (en) A kind of portal authentication method and device
CN107251520A (en) Method for the polymerization authentication protocol in M2M communication
CN107920044A (en) A kind of safe verification method and device
CN108347411B (en) Unified security guarantee method, firewall system, equipment and storage medium
CN110139163A (en) A kind of method and relevant apparatus obtaining barrage
Darmawan et al. Json web token penetration testing on cookie storage with csrf techniques
EP2888689B1 (en) Data verification
US10931713B1 (en) Passive detection of genuine web browsers based on security parameters
CN109886011A (en) A kind of safety protecting method and device
KR101334771B1 (en) surveillance system and method for authentication procedure based by unique identifier
CN113885425A (en) Industrial field PLC network safety operation and maintenance method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination