CN109495451B - Method and system for processing cloud data request - Google Patents

Method and system for processing cloud data request

Publication number: CN109495451B
Authority: CN (China)
Prior art keywords: task, cloud, response message, processing, content
Legal status (an assumption, not a legal conclusion): Active
Application number: CN201811237834.9A
Other languages: Chinese (zh)
Other versions: CN109495451A (en)
Inventors: 曹明诚, 张玉智, 方顺豹, 魏成林, 樊维, 李宝生, 刘晓静, 郭宇卓
Current Assignee (the listed assignees may be inaccurate): Beijing Qihoo Technology Co Ltd
Original Assignee: Beijing Qihoo Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/55 Push-based network services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/60 Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L67/62 Establishing a time schedule for servicing the requests

Abstract

The invention discloses a method and a system for processing a cloud data request, wherein the method comprises the following steps: receiving an encrypted cloud data request from a cloud service through a secure interaction channel between a locally-operated client application and the cloud service operated at the cloud by using a cloud service function embedded in the client application; decrypting the encrypted cloud data request to obtain a data task to be processed; sending a task processing request including a data task to be processed to a task processing server to prompt the task processing server receiving the task processing request to perform task processing based on a task name and task content included in the data task to be processed; and encrypting a first task processing response message associated with the task processing and received from the task processing server and sending the first task processing response message to the cloud service through the secure interaction channel.

Description

Method and system for processing cloud data request
Technical Field
The present invention relates to the field of cloud service technologies, and in particular, to a method and a system for processing a cloud data request.
Background
Cloud services are an augmentation, usage, and interaction model for internet-based related services, typically involving the provision of dynamically scalable and often virtualized resources over the internet. A cloud service refers to a service manner in which a desired service is provided or obtained in an on-demand and easily extensible manner through a network. Such services may be information, software or internet related services, but also other services.
At present, the variety of cloud services is increasing, and the range of services provided is increasing. For example, when a user wishes to run a specific application on a mobile terminal, a personal computer, or other devices, a local running mode may be adopted, and a cloud running mode may also be adopted. In the cloud operation mode, a user operates a specific application through a cloud service provided on a mobile terminal, a personal computer, or the like, where an actual operation location of the specific application is a cloud end, for example, a server, a service node, or the like in the cloud service. Operation data of a specific application, such as display data and sound data, is delivered to a mobile terminal, a personal computer, or the like through a cloud service to be provided to a user.
In this case, when a user wishes to perform a specific operation such as status update, task processing, etc. in a specific application, a corresponding processing interface must be generated in the cloud service, as shown in fig. 1. Fig. 1 is a diagram 100 illustrating a prior art method for running a specific application in a cloud by using a cloud service. The cloud service 101 can run on a mobile terminal, a personal computer, or the like, and can provide a plurality of applications, for example, application 1, application 2, …, application N. When the user selects to run the application 2, the application 2 is in a running state. At this time, if the user wishes to perform a specific operation such as a status update, task processing, etc. in the application 2, the cloud service provides the user with a new interface, for example, a cumbersome task processing interface 111. Such a cumbersome task processing interface is, for example, a web page to perform data operations, data requests, and the like related to specific operations such as status update, task processing, and the like.
In this manner, the user must perform a cumbersome operation, such as a web page operation, to be able to perform a specific operation, such as a status update or task processing. For this reason, the prior art approach adversely affects the user's operational experience.
Disclosure of Invention
In order to solve the above problem, there is provided a method for processing a cloud data request, the method including:
receiving an encrypted cloud data request from the cloud service through a secure interaction channel between a locally running client application and the cloud service running at the cloud end by using a cloud service function embedded in the client application;
decrypting the encrypted cloud data request to obtain a decrypted cloud data request, and analyzing the decrypted cloud data request to obtain a data task to be processed, wherein the data task to be processed is from a cloud source application running in the cloud service;
sending a task processing request including the data task to be processed to a task processing server to prompt the task processing server receiving the task processing request to perform task processing based on a task name and task content included in the data task to be processed; and
encrypting a first task processing response message associated with the task processing received from the task processing server to generate an encrypted first task processing response message, and sending the encrypted first task processing response message to the cloud service through the secure interaction channel using the cloud service function embedded in the client application.
Before the cloud service function embedded in the client application is utilized, a cloud service function for establishing the secure interaction channel with cloud service running in a cloud end is embedded in the client application running locally.
The cloud service function is functionally independent from the client application, and the client application cannot modify data received by the cloud service function or data to be transmitted.
The data transmitted in the secure interaction channel is encrypted data.
The decrypted cloud data request comprises: an identifier of a cloud data request and a data task to be processed, wherein the identifier of the cloud data request is used to uniquely identify the decrypted cloud data request.
Wherein the task name comprises: task title, task identification number and task generation time.
Wherein the task content comprises: an identifier of a user initiating task processing, an identifier of a cloud source application, an identifier of an application server, update content associated with the cloud source application, and update conditions associated with the update content.
The method further comprises embedding a client function in the cloud source application running in the cloud service, wherein the client function is used for generating the data task to be processed according to the task name and the task content.
The client function sends the data task to be processed to the cloud service, so that the cloud service allocates an identifier of a cloud data request for cloud identification distinguishing to the data task to be processed, and can generate the cloud data request according to the data task to be processed and the identifier of the cloud data request.
The cloud service determines an identifier of the cloud data request according to an identifier of a cloud source application that generates the to-be-processed data task.
The cloud service encrypts the generated cloud data request to generate an encrypted cloud data request, and sends the encrypted cloud data request to the cloud service function embedded in the client application through the secure interaction channel.
The method further comprises the step of sending a state change request comprising change content to an application server when the running state of the cloud source application needs to be changed in the running process, so as to prompt the application server to generate a response message indicating whether the state change is allowed or not according to the state change request received from the cloud source application.
When the cloud source application receives a response message associated with a state change from the application server, it parses the response message to determine whether the application server allows the state change. When the response message indicates that the application server allows the cloud source application to perform the state change, the cloud source application generates a task name and task content based on the change content, wherein the task name comprises a task title, a task identification number and a task generation time, and the task content comprises: an identifier of a user initiating task processing, an identifier of a cloud source application, an identifier of an application server, update content associated with the cloud source application, and update conditions associated with the update content; and
generating the data task to be processed according to the task name and the task content.
Before sending a task processing request including the data task to be processed to a task processing server, the method further includes:
determining whether the data task to be processed needs to be processed by the task processing server according to the task name in the data task to be processed, and sending a task processing request comprising the data task to be processed to the task processing server when it is determined that the data task to be processed needs to be processed by the task processing server.
The task processing server is caused to parse the received data task to be processed so as to determine task content, a business processing flow associated with the update content is selected from a plurality of business processing flows based on the update content associated with the cloud source application in the task content, and the selected business processing flow is caused to execute business processing according to the update condition associated with the update content in the task content.
When the selected business processing flow determines that the data task to be processed is processed completely, notifying the task processing server of the processing result of the data task to be processed, so that the task processing server generates a first task processing response message based on the received processing result, the task name, the task content and the expiration time, and sends the first task processing response message associated with task processing to the cloud service function embedded in the client application.
And sending a first task processing response message associated with task processing to a business server to which the client application belongs by using the cloud service function embedded in the client application.
The business server receiving a first task processing response message associated with task processing obtains an identifier of an application server from the task content of the first task processing response message.
The method further comprises the steps of starting a push timer and setting expiration time for the push timer when the business server receives the first task processing response message, determining a network address of the application server by the business server based on an identifier of the application server when the push timer expires, forming a second task processing response message by a processing result, a task name and task content of the data task to be processed according to the network address of the application server, and sending the second task processing response message to the application server.
Further comprising causing the embedded client function in the cloud source application to decrypt the encrypted first task processing response message to obtain a decrypted first task processing response message, and parsing the decrypted first task processing response message to obtain a task name, task content, processing results, and expiration time;
sending a result query request including the task name to the business server to cause the business server to determine queried task content and processing results based on the task name;
verifying the correctness of the task content and the processing result in the decrypted first task processing response message based on the queried task content and processing result received from the business server; and
when the task content and the processing result in the decrypted first task processing response message are verified as correct, sending the decrypted first task processing response message to an application server associated with the cloud source application.
The application server is prompted to analyze the decrypted first task processing response message after receiving the decrypted first task processing response message so as to obtain a task name, task content, a processing result and expiration time;
when the processing result is determined to be successful, acquiring update content associated with the cloud source application in the task content of the decrypted first task processing response message; and
if the current time is determined to exceed the expiration time, updating the running state of the cloud source application according to the update content associated with the cloud source application in the task content of the decrypted first task processing response message.
Further comprising, causing the application server to, after receiving the decrypted first task processing response message, parse the decrypted first task processing response message to obtain a task name, task content, a processing result, and an expiration time;
when the processing result is determined to be successful, acquiring update content associated with the cloud source application in the task content of the decrypted first task processing response message;
waiting for a second task processing response message associated with the cloud source application from the business server if it is determined that the current time does not exceed the expiration time.
The method further comprises the steps that when a second task processing response message associated with the cloud source application is received from the business server, the application server determines whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if so, the running state of the cloud source application is updated according to an updating content associated with the cloud source application in the task content of the decrypted first task processing response message.
The method further comprises the steps that when a second task processing response message associated with the cloud source application is received from the business server, the application server determines whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if not, the running state of the cloud source application is not updated.
And sending a response message of failure in updating the running state to the cloud source application.
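The result-verification steps summarised above can be modelled as follows. This is an added example, not code from the patent: the `"success"`/`"failure"` encoding, the class and function names, and the `"rejected"` and `"ignored"` outcomes are assumptions, and the sample messages are constructed.

```python
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass(frozen=True)
class TaskName:                 # fields listed on the page
    title: str
    task_id: str
    generated_at: float


@dataclass(frozen=True)
class TaskContent:              # fields listed on the page
    user_id: str
    cloud_app_id: str
    app_server_id: str
    update_content: str
    update_condition: str


@dataclass(frozen=True)
class TaskResponse:
    name: TaskName
    content: TaskContent
    result: str                          # "success"/"failure": assumed encoding
    expires_at: Optional[float] = None   # carried by the first message only


def client_function_verify(first: TaskResponse,
                           queried: Optional[TaskResponse]) -> bool:
    """Client function in the cloud source application: forward the relayed
    first response only if the business server's record, looked up by task
    name, has the same task content and processing result."""
    return (queried is not None
            and queried.content == first.content
            and queried.result == first.result)


class ApplicationServer:
    """Application-server side of the two-path confirmation."""

    def __init__(self) -> None:
        self.state: Dict[str, str] = {}                  # cloud app id -> running state
        self.pending: Dict[TaskName, TaskResponse] = {}  # awaiting second message

    def _apply(self, msg: TaskResponse) -> None:
        self.state[msg.content.cloud_app_id] = msg.content.update_content

    def on_first_response(self, msg: TaskResponse, now: float) -> str:
        # A failed or malformed first message is dropped (assumption: the
        # page only describes the successful case).
        if msg.result != "success" or msg.expires_at is None:
            return "rejected"
        if now > msg.expires_at:
            # As the page states: past the expiration time the update is
            # applied from the first message alone.
            self._apply(msg)
            return "updated"
        self.pending[msg.name] = msg     # inside the window: wait for the push
        return "waiting"

    def on_second_response(self, msg: TaskResponse) -> str:
        first = self.pending.pop(msg.name, None)
        if first is None:
            return "ignored"             # assumption: unsolicited push is dropped
        if msg.result == first.result:
            self._apply(first)           # update content comes from the first message
            return "updated"
        return "update_failed"           # state untouched, failure reported to the app


# Constructed sample messages.
NAME = TaskName("status update", "T-0001", 1000.0)
CONTENT = TaskContent("user-1", "app-2", "appsrv-1", "level=5", "paid")
FIRST = TaskResponse(NAME, CONTENT, "success", expires_at=1060.0)

if __name__ == "__main__":
    srv = ApplicationServer()
    print(srv.on_first_response(FIRST, now=1010.0))
    print(srv.on_second_response(TaskResponse(NAME, CONTENT, "success")))
    print(srv.state)
```

As the text is written, only a first message that arrives before the expiration time is compared against the business server's push; one that arrives after it is applied on its own, so the client-function check is the only verification on that branch.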
According to another aspect of the present invention, there is provided a system for processing a cloud data request, the system comprising:
the receiving unit is used for receiving an encrypted cloud data request from the cloud service through a secure interaction channel between a locally-operated client application and the cloud service operated at the cloud end by utilizing the cloud service function embedded in the client application;
the decryption unit is used for decrypting the encrypted cloud data request to obtain a decrypted cloud data request and analyzing the decrypted cloud data request to obtain a data task to be processed, wherein the data task to be processed is from a cloud source application running in the cloud service;
a sending unit that sends a task processing request including the to-be-processed data task to a task processing server to cause the task processing server that received the task processing request to perform task processing based on a task name and task content included in the to-be-processed data task; and
and the encryption unit is used for encrypting a first task processing response message which is received from the task processing server and is associated with the task processing to generate an encrypted first task processing response message, and sending the encrypted first task processing response message to the cloud service through the secure interaction channel by using the cloud service function embedded in the client application.
The system further comprises an initialization unit, which embeds in the locally running client application a cloud service function for establishing the secure interaction channel with the cloud service running in the cloud.
The cloud service function is functionally independent from the client application, and the client application cannot modify data received by the cloud service function or data to be transmitted.
The data transmitted in the secure interaction channel is encrypted data.
The decrypted cloud data request comprises: an identifier of a cloud data request and a data task to be processed, wherein the identifier of the cloud data request is used to uniquely identify the decrypted cloud data request.
Wherein the task name comprises: task title, task identification number and task generation time.
Wherein the task content comprises: an identifier of a user initiating task processing, an identifier of a cloud source application, an identifier of an application server, update content associated with the cloud source application, and update conditions associated with the update content.
The system further comprises an initialization unit, wherein the initialization unit is used for embedding a client function in a cloud source application running in the cloud service, and the client function is used for generating the to-be-processed data task according to a task name and task content.
The client function sends the data task to be processed to the cloud service, so that the cloud service allocates an identifier of a cloud data request for cloud identification distinguishing to the data task to be processed, and can generate the cloud data request according to the data task to be processed and the identifier of the cloud data request.
The cloud service determines an identifier of the cloud data request according to an identifier of a cloud source application that generates the to-be-processed data task.
The cloud service encrypts the generated cloud data request to generate an encrypted cloud data request, and sends the encrypted cloud data request to the cloud service function embedded in the client application through the secure interaction channel.
The method further comprises the step of sending a state change request comprising change content to an application server when the running state of the cloud source application needs to be changed in the running process, so as to prompt the application server to generate a response message indicating whether the state change is allowed or not according to the state change request received from the cloud source application.
When the cloud source application receives a response message associated with a state change from the application server, it parses the response message to determine whether the application server allows the state change. When the response message indicates that the application server allows the cloud source application to perform the state change, the cloud source application generates a task name and task content based on the change content, wherein the task name comprises a task title, a task identification number and a task generation time, and the task content comprises: an identifier of a user initiating task processing, an identifier of a cloud source application, an identifier of an application server, update content associated with the cloud source application, and update conditions associated with the update content; and
generating the data task to be processed according to the task name and the task content.
The sending unit determines whether the data task to be processed needs to be processed by the task processing server according to the task name in the data task to be processed, and sends a task processing request including the data task to be processed to the task processing server when it is determined that the data task to be processed needs to be processed by the task processing server.
The task processing server is caused to parse the received data task to be processed so as to determine task content, a business processing flow associated with the update content is selected from a plurality of business processing flows based on the update content associated with the cloud source application in the task content, and the selected business processing flow is caused to execute business processing according to the update condition associated with the update content in the task content.
When the selected business processing flow determines that the data task to be processed is processed completely, notifying the task processing server of the processing result of the data task to be processed, so that the task processing server generates a first task processing response message based on the received processing result, the task name, the task content and the expiration time, and sends the first task processing response message associated with task processing to the cloud service function embedded in the client application.
The sending unit sends a first task processing response message associated with task processing to a business server to which the client application belongs by using the cloud service function embedded in the client application.
The business server receiving a first task processing response message associated with task processing acquires an identifier of an application server from the task content of the first task processing response message.
The method further comprises the steps of starting a push timer and setting expiration time for the push timer when the business server receives the first task processing response message, determining a network address of the application server by the business server based on an identifier of the application server when the push timer expires, forming a second task processing response message by a processing result, a task name and task content of the data task to be processed according to the network address of the application server, and sending the second task processing response message to the application server.
Further comprising causing the embedded client function in the cloud source application to decrypt the encrypted first task processing response message to obtain a decrypted first task processing response message, and parsing the decrypted first task processing response message to obtain a task name, task content, processing results, and expiration time;
sending a result query request including the task name to the business server to cause the business server to determine queried task content and processing results based on the task name;
verifying the correctness of the task content and the processing result in the decrypted first task processing response message based on the queried task content and processing result received from the business server; and
when the task content and the processing result in the decrypted first task processing response message are verified as correct, sending the decrypted first task processing response message to an application server associated with the cloud source application.
The application server is prompted to analyze the decrypted first task processing response message after receiving the decrypted first task processing response message so as to obtain a task name, task content, a processing result and expiration time;
when the processing result is determined to be successful, acquiring update content associated with the cloud source application in the task content of the decrypted first task processing response message; and
if the current time is determined to exceed the expiration time, updating the running state of the cloud source application according to the update content associated with the cloud source application in the task content of the decrypted first task processing response message.
The application server is prompted to analyze the decrypted first task processing response message after receiving the decrypted first task processing response message so as to obtain a task name, task content, a processing result and expiration time;
when the processing result is determined to be successful, acquiring update content associated with the cloud source application in the task content of the decrypted first task processing response message;
waiting for a second task processing response message associated with the cloud source application from the business server if it is determined that the current time does not exceed the expiration time.
The method further comprises the steps that when a second task processing response message associated with the cloud source application is received from the business server, the application server determines whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if so, the running state of the cloud source application is updated according to an updating content associated with the cloud source application in the task content of the decrypted first task processing response message.
The method further comprises the steps that when a second task processing response message associated with the cloud source application is received from the business server, the application server determines whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if not, the running state of the cloud source application is not updated.
And sending a response message of failure in updating the running state to the cloud source application.
According to a further aspect of the invention, there is provided a mobile terminal comprising or adapted to perform the system of any of claims 26-50.
Drawings
Exemplary embodiments of the invention may be more completely understood in consideration of the following drawings:
FIG. 1 is a schematic diagram illustrating a specific application running in the cloud by using a cloud service in the prior art;
FIG. 2 is a flowchart of a method for processing a cloud-based data request according to a preferred embodiment of the invention;
FIG. 3 is a schematic diagram of a secure interaction channel in accordance with a preferred embodiment of the present invention;
FIG. 4 is a block diagram illustrating a system for processing a cloud-based data request according to a preferred embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a system for processing a cloud data request of a hippocampal cloud based on a hand-assistant client according to a preferred embodiment of the present invention; and
FIG. 6 is a schematic structural diagram of a system for processing a cloud data request according to another preferred embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will now be described with reference to the accompanying drawings. The present invention may, however, be embodied in many different forms and is not limited to the embodiments described herein, which are provided for a thorough and complete disclosure of the present invention and to fully convey its scope to those skilled in the art. The terminology used in the exemplary embodiments illustrated in the accompanying drawings is not intended to be limiting of the invention. In the drawings, the same units/elements are denoted by the same reference numerals.
Fig. 2 is a flowchart of a method 200 for processing a cloud data request according to a preferred embodiment of the present invention. The method 200 includes first receiving an encrypted cloud data request from a cloud service through a secure interaction channel between a locally-operated client application and the cloud service operated by the cloud, obtaining a data task to be processed based on processing the encrypted cloud data request, then sending a task processing request including the data task to be processed to a service server to which the client application belongs, encrypting a first task processing response message associated with task processing and received from the service server, and sending the encrypted task processing request to the cloud service through the secure interaction channel.
As shown in fig. 2, method 200 begins at step 201. In step 201, an encrypted cloud data request is received from a cloud service through a secure interaction channel between a locally running client application and the cloud service running in the cloud using a cloud service function embedded in the client application.
Before the cloud service function embedded in the client application is used, the cloud service function, which establishes a secure interaction channel with the cloud service running in the cloud, is embedded in the locally running client application. Alternatively, the cloud service functionality is embedded into the client application when the client application is installed into the user device. Alternatively, the cloud service functionality is embedded into the client application when the client application is generated. Alternatively, the cloud service function is installed or embedded in the client application in response to an installation request or an embedding request of the cloud service.
The cloud service function in the client application is functionally independent from the client application, that is, the operation of the cloud service function and the operation of the client application are independent from each other. The client application cannot modify data received by the cloud service function or data to be sent. The cloud service function can send and/or receive data to the cloud service, but the sent and/or received data is encrypted data. The client application cannot crack encrypted data and therefore cannot view and modify transmitted and/or received data. That is, the data transmitted in the secure interaction channel are all encrypted data.
The secure interaction channel between the locally running client application and the cloud service running in the cloud is a secure interaction channel capable of bidirectional data transmission. According to the present application, a secure interaction channel is established between the cloud service function embedded in the locally running client application and the cloud service running in the cloud. The cloud service function can send the encrypted data to the cloud service through the secure interaction channel, and the cloud service can send the encrypted data to the cloud service function through the secure interaction channel.
The decrypted cloud data request comprises an identifier of the cloud data request and a data task to be processed. The identifier of the cloud data request is used to uniquely identify the decrypted cloud data request. When the cloud service generates a cloud data request according to a data task to be processed, an identifier capable of uniquely identifying the cloud data request is set/allocated for the generated cloud data request, and the identifier of the cloud data request and the data task to be processed form the cloud data request. The cloud data request thus formed is encrypted to generate an encrypted cloud data request, which is sent to the cloud service function in the client application.
The data task to be processed comprises a task name and task content. Wherein the task name includes: task title, task identification number and task generation time. Task titles are, for example, payment tasks, data modification tasks, and the like. A task identification number is an identification or identifier for uniquely identifying a data task to be processed. The task generation time is the time at which the data task to be processed is generated. Wherein the data tasks to be processed may be, for example, payment tasks, data modification tasks, etc.
The data task to be processed is from or initiated by a cloud source application running in the cloud service. The task content comprises: an identifier of the user initiating the task processing, an identifier of the cloud source application, an identifier of the application server, update content associated with the cloud source application, and update conditions associated with the update content. The data task to be processed comes from task processing initiated by a user. For example, when a user wishes to make a payment, modify data, and the like while running a cloud source application, task processing for a payment task, a data modification task, and the like may be initiated. The identifier of the user initiating the task processing is used to uniquely identify this user, e.g. a user name, a user ID, etc. The identifier of the cloud source application is used for uniquely identifying the cloud source application, such as the name, ID, and the like of the cloud source application. The identifier of the application server is an identifier for uniquely identifying the application server associated with the cloud source application. When the cloud source application is a specific game application, the application server is a server of the specific game application. The update content associated with the cloud source application is, for example, content associated with a payment task, a data modification task, and the like. The update condition associated with the update content is a condition required for completing a payment task, a data modification task, and the like.
In step 202, the encrypted cloud data request is decrypted to obtain a decrypted cloud data request, and the decrypted cloud data request is parsed to obtain a to-be-processed data task, where the to-be-processed data task is from a cloud source application running in the cloud service.
A client function is embedded in the cloud source application running in the cloud service. The present application may embed the client function in the cloud source application when the cloud source application is initialized and ready to run. Alternatively, the client function can be embedded in the cloud source application when the cloud source application is started. The client function is used for generating the data task to be processed according to the task name and the task content.
After generating the data task to be processed according to the task name and the task content, the client function sends the data task to be processed to the cloud service, so that the cloud service sets/allocates, for the data task to be processed, an identifier of a cloud data request used for distinguishing requests in the cloud, or an identifier capable of uniquely identifying the cloud data request, and can generate the cloud data request according to the data task to be processed and the identifier of the cloud data request.
The cloud service determines an identifier of the cloud data request according to an identifier of a cloud source application that generates the data task to be processed. For example, a hash value of an identifier of the cloud source application is calculated, and the calculated hash value is used as the identifier of the cloud data request. Alternatively, an identifier of the cloud source application, the current time, and the task number are combined to generate an identifier of the cloud data request.
After a cloud data request is generated according to a data task to be processed and an identifier of the cloud data request, the cloud service encrypts the generated cloud data request to generate an encrypted cloud data request, and the encrypted cloud data request is sent to a cloud service function embedded in the client application through a secure interaction channel.
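The request structure and the two identifier options described above can be sketched as follows. This is an added example, not code from the patent: the JSON layout, field names, SHA-256 and the `|` separator are assumptions, and the sample values are constructed. It also shows that the hash-only identifier repeats for two requests from the same cloud source application, while the combined form does not.

```python
import hashlib
import json
from dataclasses import dataclass, asdict


@dataclass(frozen=True)
class TaskName:
    title: str          # task title, e.g. "payment task"
    task_number: str    # task identification number
    generated_at: str   # task generation time


@dataclass(frozen=True)
class TaskContent:
    user_id: str
    cloud_source_app_id: str
    application_server_id: str
    update_content: str
    update_condition: str


def request_id_from_app_hash(app_id: str) -> str:
    """First option in the text: hash of the cloud source application identifier.
    SHA-256 is an assumption; the page names no hash function."""
    return hashlib.sha256(app_id.encode("utf-8")).hexdigest()


def request_id_combined(app_id: str, now: str, task_number: str) -> str:
    """Second option: combine application identifier, current time and task number.
    The '|' separator is an assumption."""
    return "|".join((app_id, now, task_number))


def build_cloud_data_request(request_id: str, name: TaskName, content: TaskContent) -> str:
    """Plaintext cloud data request, as it exists before the cloud service encrypts it."""
    return json.dumps(
        {"request_id": request_id,
         "task": {"name": asdict(name), "content": asdict(content)}},
        sort_keys=True)


def parse_cloud_data_request(plaintext: str):
    """Step 202 after decryption: recover the identifier and the pending data task.
    Requests with missing or unexpected fields are rejected with ValueError."""
    try:
        doc = json.loads(plaintext)
        request_id = doc["request_id"]
        name = TaskName(**doc["task"]["name"])
        content = TaskContent(**doc["task"]["content"])
    except (KeyError, TypeError) as exc:
        raise ValueError(f"malformed cloud data request: {exc!r}") from exc
    if not isinstance(request_id, str) or not request_id:
        raise ValueError("cloud data request has no identifier")
    return request_id, name, content


def two_requests_from_one_app():
    """Constructed sample: two pending tasks issued by the same cloud source application."""
    app_id = "cloud-game-42"
    tasks = [TaskName("payment task", "T-0001", "2018-09-28T11:20:05"),
             TaskName("data modification task", "T-0002", "2018-09-28T11:21:10")]
    hashed = [request_id_from_app_hash(app_id) for _ in tasks]
    combined = [request_id_combined(app_id, t.generated_at, t.task_number) for t in tasks]
    return hashed, combined


if __name__ == "__main__":
    hashed, combined = two_requests_from_one_app()
    print("hash-only identifiers equal:", hashed[0] == hashed[1])
    print("combined identifiers:", combined)
```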
Before the data task to be processed is generated according to the task name and the task content, when the cloud source application needs to change its running state during running, it sends a state change request including change content to the application server, prompting the application server to generate a response message indicating whether to allow the state change according to the state change request received from the cloud source application. For example, when a user wishes to perform payment, data modification, and the like while running a cloud source application, the running state needs to be changed. To this end, the cloud source application sends a state change request including change content to the application server, wherein the state change request may include update content associated with the cloud source application and update conditions associated with the update content.
Wherein generating a response message indicating whether to allow the state change according to the received state change request comprises: when the application server receives the state change request from the cloud source application, validity verification is carried out on the updating content associated with the cloud source application and the updating condition associated with the updating content, and when the updating content associated with the cloud source application and the updating condition associated with the updating content are determined to pass the validity verification, a response message allowing the state change is sent to the cloud source application. When the update content associated with the cloud source application and the update condition associated with the update content are determined not to pass the validity verification, a response message which does not allow the state change is sent to the cloud source application.
The validity verification comprises the steps of determining whether the cloud source application is allowed to update the updating content and whether the updating condition is matched with the updating content. When the cloud source application is determined to be allowed to update the update content, and the update condition is determined to be matched with the update content, sending a response message allowing state change to the cloud source application; and otherwise, sending a response message which does not allow the state change to the cloud source application.
When the cloud source application receives a response message associated with the state change from the application server, the response message associated with the state change is parsed to determine whether the application server allows the state change. When the response message associated with the state change indicates that the application server allows the cloud source application to perform the state change, the cloud source application generates a task name and task content based on the change content, wherein the task name comprises: the task title, the task identification number and the task generation time, and the task content comprises: an identifier of the user initiating the task processing, an identifier of the cloud source application, an identifier of the application server, update content associated with the cloud source application, and update conditions associated with the update content. The cloud source application then generates a data task to be processed according to the task name and the task content.
In step 203, a task processing request including the data task to be processed is sent to the task processing server to prompt the task processing server receiving the task processing request to perform task processing based on the task name and the task content included in the data task to be processed. Alternatively, the application may select a task processing server associated with the data task to be processed from the plurality of task processing servers according to the task name in the data task to be processed.
Before sending a task processing request including a data task to be processed to the task processing server, the method further comprises determining whether the data task to be processed needs to be processed by the task processing server. When it is determined that the data task to be processed needs to be processed by the task processing server, a task processing request including the data task to be processed is sent to the task processing server. When it is determined that the data task to be processed does not need to be processed by the task processing server, a task processing request including the data task to be processed is not sent to the task processing server. For example, when the task name is a payment task, it is determined that the pending payment task needs to be processed by the task processing server, e.g., by the payment center, and a task processing request comprising the payment task to be processed is sent to the task processing server. When the task name is a data query task, it is determined that the data query task to be processed does not need to be processed by the task processing server, and a task processing request comprising the data query task to be processed is sent to the data server.
The present application causes a task processing server, such as a payment center or a data server, to parse a received data task to be processed to determine the task content. The task processing server selects a business processing flow associated with the update content from the plurality of business processing flows based on the update content associated with the cloud source application in the task content. The selected business processing flow is then caused to execute business processing according to the update condition associated with the update content in the task content. That is, when the user or the cloud source application satisfies the update condition associated with the update content, the selected business processing flow performs business processing on the update content associated with the cloud source application.
When the selected business processing flow determines that the data task to be processed has been processed, it notifies the task processing server of the processing result of the data task to be processed, such as successful completion/successful processing of the data task to be processed or unsuccessful completion/failed processing of the data task to be processed, so that the task processing server generates a first task processing response message based on the received processing result, task name, task content and expiration time, and sends the first task processing response message associated with the task processing to the cloud service function embedded in the client application. The expiration time is the latest time until which the application server waits for the second task processing response message from the service server.
The cloud service function embedded in the client application is used to send the first task processing response message associated with task processing to the service server to which the client application belongs. The service server receiving the first task processing response message associated with the task processing acquires the identifier of the application server from the task content of the first task processing response message. When the first task processing response message associated with task processing is received by the service server, the present application causes a push timer to be started and an expiration time to be set for the push timer. For example, the current time is 11:20:05 on September 28, 2018, and the expiration time is 11:25:36 on September 28, 2018. When the push timer expires, for example, when the current time reaches 11:25:36 on September 28, 2018, the service server determines the network address of the application server based on the identifier of the application server, forms a second task processing response message from the processing result, the task name and the task content of the data task to be processed, and sends the second task processing response message to the application server at that network address.
In step 204, a first task processing response message associated with task processing received from the task processing server is encrypted to generate an encrypted first task processing response message, and the encrypted first task processing response message is sent to the cloud service through the secure interaction channel by using the cloud service function embedded in the client application. The cloud service provides or sends the encrypted first task processing response message to the cloud source application.
The present application causes the client function embedded in the cloud source application to decrypt the encrypted first task processing response message to obtain the decrypted first task processing response message, and to parse the decrypted first task processing response message to obtain the task name, the task content, the processing result and the expiration time. The expiration time is the latest time until which the application server waits for the second task processing response message from the service server. For example, if the expiration time is 11:30:00 on September 28, 2018, the application server, having received the decrypted first task processing response message, waits for the second task processing response message from the service server until 11:30:00 on September 28, 2018. When the current time reaches the expiration time, for example, 11:30:00 on September 28, 2018, the application server no longer waits for the second task processing response message from the service server, but determines the processing result using the received decrypted first task processing response message.
The cloud source application sends a result query request including the task name to the service server to cause the service server to determine the queried task content and processing result based on the task name. The correctness of the task content and the processing result in the decrypted first task processing response message is verified based on the queried task content and processing result received from the service server. The correctness verification may be to determine whether the task content and the processing result in the decrypted first task processing response message are the same as the queried task content and processing result received from the service server. When the verification result of the task content and the processing result in the decrypted first task processing response message is determined to be correct, namely the task content and the processing result in the decrypted first task processing response message are the same as the queried task content and processing result received from the service server, the decrypted first task processing response message is sent to the application server associated with the cloud source application.
After receiving the decrypted first task processing response message, the application server is prompted to parse it to acquire the task name, the task content, the processing result and the expiration time. When the processing result is determined to be successful, the update content associated with the cloud source application in the task content of the decrypted first task processing response message is acquired. If the current time is determined to exceed the expiration time, the running state of the cloud source application is updated according to the update content associated with the cloud source application in the task content of the decrypted first task processing response message.
In other cases, after receiving the decrypted first task processing response message, the application server is prompted to parse it to obtain the task name, the task content, the processing result and the expiration time. When the processing result is determined to be successful, the update content associated with the cloud source application in the task content of the decrypted first task processing response message is acquired. If the current time is determined not to exceed the expiration time, the application server waits for a second task processing response message associated with the cloud source application from the service server.
In addition, when a second task processing response message associated with the cloud source application is received from the service server, the application server determines whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if so, updates the running state of the cloud source application according to an update content associated with the cloud source application in the task content of the decrypted first task processing response message.
When a second task processing response message associated with the cloud source application is received from the service server, the application server determines whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if not, the running state of the cloud source application is not updated. The method further comprises the step of sending a response message of failure in updating the running state to the cloud source application.
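The application server's handling of the two response messages described above can be modelled as a small state machine. This is an added sketch, not code from the patent: the class, field and enum names are hypothetical, the sample values are constructed, and two behaviours the text leaves open are assumptions (a first response whose result is not successful causes no update, and a second response for a task that is not waiting is ignored).

```python
from dataclasses import dataclass
from datetime import datetime
from enum import Enum

SUCCESS = "success"


class Decision(Enum):
    APPLY_UPDATE = "update running state"
    WAIT_FOR_SECOND = "wait for second response"
    REJECT_UPDATE = "no update, report failure to cloud source application"
    NO_UPDATE = "first response not successful (assumption)"
    IGNORED = "no task waiting for this response (assumption)"


@dataclass(frozen=True)
class FirstResponse:
    """Decrypted first task processing response message (relayed via the client side)."""
    task_number: str
    update_content: str
    result: str
    expires_at: datetime   # latest time to wait for the second response


class ApplicationServer:
    def __init__(self):
        self.pending = {}    # task_number -> FirstResponse awaiting confirmation
        self.state = {}      # task_number -> update content that was applied
        self.failures = []   # tasks for which an update-failure response was sent

    def _apply(self, first: FirstResponse) -> Decision:
        self.state[first.task_number] = first.update_content
        return Decision.APPLY_UPDATE

    def on_first_response(self, first: FirstResponse, now: datetime) -> Decision:
        if first.result != SUCCESS:
            return Decision.NO_UPDATE
        # Expiration already reached: the text applies the update from the
        # first response alone, without a second response.
        if now >= first.expires_at:
            return self._apply(first)
        self.pending[first.task_number] = first
        return Decision.WAIT_FOR_SECOND

    def on_second_response(self, task_number: str, result: str) -> Decision:
        """Second response pushed directly by the service server."""
        first = self.pending.pop(task_number, None)
        if first is None:
            return Decision.IGNORED
        if result == first.result:
            return self._apply(first)
        self.failures.append(task_number)
        return Decision.REJECT_UPDATE

    def on_timer(self, now: datetime) -> list:
        """Stop waiting for every task whose expiration time has been reached."""
        expired = [f for f in self.pending.values() if now >= f.expires_at]
        for first in expired:
            del self.pending[first.task_number]
            self._apply(first)
        return [f.task_number for f in expired]


if __name__ == "__main__":
    server = ApplicationServer()
    deadline = datetime(2018, 9, 28, 11, 30, 0)
    msg = FirstResponse("T-0001", "add 100 coins", SUCCESS, deadline)
    print(server.on_first_response(msg, datetime(2018, 9, 28, 11, 20, 5)))
    print(server.on_second_response("T-0001", SUCCESS))
```

In this model the update is applied from the first response alone once the expiration time is reached, so the second response only blocks an update when it arrives before that time and disagrees.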
Fig. 3 is a schematic structural diagram 300 of a secure interaction channel according to a preferred embodiment of the present invention. As shown in fig. 3, a cloud service function 311 for establishing a secure interaction channel 305 with a cloud service 301 running in the cloud is embedded in a locally running client application 310. Alternatively, the cloud service functionality 311 is embedded in the client application 310 when the client application 310 is installed into the user device. Alternatively, the cloud service function 311 is embedded in the client application 310 when the client application 310 is generated. Alternatively, the cloud service function 311 is installed or embedded in the client application 310 in response to an installation request or an embedding request of the cloud service 301. The secure interaction channel 305 may be a two-way communication connection.
The client function 303 is embedded in a cloud source application 302 running in the cloud service 301. The present application may embed client functionality 303 in cloud source application 302 when cloud source application 302 is initialized to be ready for runtime. Alternatively, the present application may embed the client function 303 in the cloud source application 302 when the cloud source application 302 is launched. The client function 303 is used to generate data tasks to be processed from task names and task content.
The cloud service function 311 in the client application 310 is functionally independent from the client application 310, i.e., the operation of the cloud service function 311 and the operation of the client application 310 are independent from each other. The client application 310 cannot modify data received by the cloud service function 311 or data to be transmitted. The cloud service function 311 can send and/or receive data to the cloud service 301, but the sent and/or received data is encrypted data. The client application 310 is unable to crack encrypted data and, therefore, unable to view and modify transmitted and/or received data. That is, the data transmitted in the secure interaction channel 305 is encrypted data.
The secure interaction channel between the locally running client application 310 and the cloud service 301 running in the cloud is a secure interaction channel 305 capable of bidirectional data transmission. The present application establishes a secure interaction channel 305 with the cloud service 301 running in the cloud through a cloud service function 311 embedded in the locally running client application 310. The cloud service function 311 can send the encrypted data to the cloud service 301 through the secure interaction channel 305, and the cloud service 301 can send the encrypted data to the cloud service function 311 through the secure interaction channel 305.
Fig. 4 is a schematic diagram of a system 400 for processing a cloud data request according to a preferred embodiment of the present invention. As shown in fig. 4, the present application utilizes a cloud service function 411 embedded in a client application 410 to receive an encrypted cloud data request from a cloud service 401 through a secure interaction channel 405 between a locally running client application 410 and the cloud service 401 running in the cloud.
Before the cloud service function 411 embedded in the client application 410 is used, the cloud service function 411, which establishes a secure interaction channel 405 with the cloud service 401 running in the cloud, is embedded in the locally running client application 410. Alternatively, the cloud service function 411 is embedded in the client application 410 when the client application 410 is installed into the user device. Alternatively, the cloud service function 411 is embedded in the client application 410 when the client application 410 is generated. Alternatively, the cloud service function 411 is installed or embedded in the client application 410 in response to an installation request or an embedding request of the cloud service 401.
The cloud service function 411 in the client application 410 is functionally independent from the client application 410, i.e., the operation of the cloud service function 411 and the operation of the client application 410 are independent from each other. The client application 410 cannot modify data received by the cloud service function 411 or data to be transmitted. The cloud service function 411 can send and/or receive data to the cloud service 401, but the sent and/or received data is encrypted data. The client application 410 is unable to crack encrypted data and, therefore, is unable to view and modify transmitted and/or received data. That is, the data transmitted in the secure interaction channel 405 is encrypted data.
The secure interaction channel 405 between the locally running client application 410 and the cloud service 401 running in the cloud is a secure interaction channel 405 capable of bidirectional data transmission. According to the present application, a secure interaction channel 405 is established between a cloud service function 411 embedded in the locally running client application 410 and the cloud service 401 running in the cloud. The cloud service function 411 can send the encrypted data to the cloud service 401 through the secure interaction channel 405, and the cloud service 401 can send the encrypted data to the cloud service function 411 through the secure interaction channel 405.
Wherein the decrypted cloud data request comprises: an identifier of the cloud data request and a data task to be processed. The identifier of the cloud data request is used to uniquely identify the decrypted cloud data request. When the cloud service 401 generates a cloud data request according to a data task to be processed, an identifier capable of uniquely identifying the cloud data request is set/allocated to the generated cloud data request, and the identifier of the cloud data request and the data task to be processed form the cloud data request. The composed cloud data request is encrypted to generate an encrypted cloud data request, and the encrypted cloud data request is sent to the cloud service function 411 in the client application 410.
The data task to be processed comprises a task name and task content. Wherein the task name includes: task title, task identification number and task generation time. Task titles are, for example, payment tasks, data modification tasks, and the like. A task identification number is an identification or identifier used to uniquely identify a data task to be processed. The task generation time is the time at which the data task to be processed is generated. Wherein the data tasks to be processed may be, for example, payment tasks, data modification tasks, etc.
The pending data task is from or initiated by a cloud source application 402 running in the cloud service 401. The task content comprises: an identifier of the user initiating the task processing, an identifier of the cloud source application 402, an identifier of the application server 420, update content associated with the cloud source application 402, and update conditions associated with the update content. The data task to be processed comes from task processing initiated by a user. For example, when a user wishes to make a payment, data modification, etc. while running the cloud source application 402, task processing for the payment task, data modification task, etc. may be initiated. The identifier of the user initiating the task process is used to uniquely identify this user, e.g. a user name, a user ID, etc. The identifier of the cloud source application 402 is used to uniquely identify the cloud source application 402, such as the name, ID, etc. of the cloud source application 402. The identifier of the application server 420 is an identifier for uniquely identifying the application server 420 associated with the cloud source application 402. When the cloud source application 402 is a particular gaming application, the application server 420 is a server for the particular gaming application. The updated content associated with the cloud-source application 402 is, for example, content associated with payment tasks, data modification tasks, and the like. The update condition associated with the update content is a condition required for completing a payment task, a data modification task, and the like.
The encrypted cloud data request is decrypted to obtain a decrypted cloud data request, and the decrypted cloud data request is parsed to obtain a to-be-processed data task, wherein the to-be-processed data task is from a cloud source application 402 running in the cloud service 401.
A client function 403 is embedded in a cloud source application 402 running in the cloud service 401. The present application may embed client functionality 403 in cloud source application 402 when cloud source application 402 is initialized to be ready for runtime. Alternatively, the present application may embed the client function 403 in the cloud source application 402 when the cloud source application 402 is launched. The client function 403 is used to generate a data task to be processed from the task name and the task content.
After generating the data task to be processed according to the task name and the task content, the client function 403 sends the data task to be processed to the cloud service 401, so that the cloud service 401 sets/allocates, for the data task to be processed, an identifier of a cloud data request used for distinguishing requests in the cloud, or an identifier capable of uniquely identifying the cloud data request, and can generate the cloud data request according to the data task to be processed and the identifier of the cloud data request.
The cloud service 401 determines an identifier of the cloud data request from an identifier of the cloud source application 402 that generated the pending data task. For example, a hash value of the identifier of the cloud source application 402 is calculated, and the calculated hash value is used as the identifier of the cloud data request. Alternatively, the identifier of the cloud source application 402, the current time, and the task number are combined to generate an identifier of the cloud data request.
After generating the cloud data request according to the data task to be processed and the identifier of the cloud data request, the cloud service 401 encrypts the generated cloud data request to generate an encrypted cloud data request, and sends the encrypted cloud data request to the cloud service function 411 embedded in the client application 410 through the secure interaction channel 405.
Before generating a to-be-processed data task according to the task name and the task content, when the cloud source application 402 needs to change the running state during running, a state change request including the change content is sent to the application server 420, so that the application server 420 is prompted to generate a response message indicating whether to allow the state change according to the state change request received from the cloud source application 402. For example, when the user wishes to perform payment, data modification, and the like while running the cloud source application 402, the running state needs to be changed. To this end, the cloud source application 402 sends a state change request including change content to the application server 420, where the state change request may include update content associated with the cloud source application 402 and update conditions associated with the update content.
Wherein generating a response message indicating whether to allow the state change according to the received state change request comprises: when the application server 420 receives the state change request from the cloud source application 402, validity verification is performed on the update content associated with the cloud source application 402 and the update condition associated with the update content, and when it is determined that the update content associated with the cloud source application 402 and the update condition associated with the update content pass the validity verification, a response message allowing the state change is sent to the cloud source application 402. When it is determined that the update content associated with the cloud source application 402 and the update condition associated with the update content do not pass the validity verification, a response message that does not allow the state change is sent to the cloud source application 402.
The validity verification includes determining whether the cloud source application 402 is allowed to perform the update of the update content, and whether the update condition matches the update content. When it is determined that the update content is allowed to be updated by the cloud source application 402 and it is determined that the update condition matches the update content, sending a response message allowing the state change to the cloud source application 402; otherwise, a response message not allowing the state change is sent to the cloud source application 402.
When the cloud source application 402 receives a response message associated with a state change from the application server 420, the response message associated with the state change is parsed to determine whether the application server 420 allows the state change. When the response message associated with the status change indicates that the application server 420 allows the cloud source application 402 to make the status change, the cloud source application 402 generates a task name and task content based on the change content, wherein the task name includes: the task title, the task identification number and the task generation time, and the task content comprises: an identification of a user initiating the task processing, an identifier of the cloud source application 402, an identifier of the application server 420, update content associated with the cloud source application 402, and update conditions associated with the update content. The cloud source application 402 generates a data task to be processed according to the task name and the task content.
A task processing request including the data task to be processed is transmitted to the task processing server 440-1 to cause the task processing server 440-1, which has received the task processing request, to perform task processing based on the task name and the task content included in the data task to be processed. Alternatively, the present application may select the task processing server 440-1 associated with the data task to be processed from the plurality of task processing servers 440-1, 440-2, …, 440-N according to the task name in the data task to be processed.
Before sending the task processing request including the data task to be processed to the task processing server 440-1, the method further includes: whether the data task to be processed needs to be processed by the task processing server 440-1 is determined according to the task name in the data task to be processed, and when it is determined that the data task to be processed needs to be processed by the task processing server 440-1, a task processing request including the data task to be processed is sent to the task processing server 440-1. Upon determining that the pending data task does not need to be processed by the task processing server 440-1, a task processing request including the pending data task is not sent to the task processing server 440-1. For example, when the task name is a payment task, it is determined that the pending payment task needs to be processed by the task processing server 440-1, e.g., by the payment center. The task processing request including the payment task to be processed is transmitted to the task processing server 440-1. For example, when the task name is a data query task, it is determined that the data query task to be processed does not need to be processed by the task processing server 440-1. A task processing request including the data query task to be processed is sent to the data server.
The present application causes a task processing server 440-1, such as a payment center or data server, to parse a received pending data task to determine task content. The task processing server 440-1 selects a business process flow associated with the update content from the plurality of business process flows based on the update content associated with the cloud source application 402 in the task content. The selected business process flow is caused to execute business processing according to the update condition associated with the update content in the task content. That is, when the user or the cloud source application 402 satisfies the update condition associated with the update content, the selected business process flow performs the business processing on the update content associated with the cloud source application 402.
When the selected business process flow determines that the data task to be processed has been processed, the processing result of the data task to be processed, for example, the data task to be processed is successfully completed/processed successfully or the data task to be processed is unsuccessfully completed/processed unsuccessfully, is notified to the task processing server 440-1, so that the task processing server 440-1 generates a first task processing response message based on the received processing result, task name, task content and expiration time, and sends the first task processing response message associated with the task processing to the cloud service function 411 embedded in the client application. Wherein the expiration time is the last time the application server waits for the second task processing response message from the service server.
The first task process response message associated with the task process is transmitted to the business server 430 to which the client application 410 belongs, using the cloud service function 411 embedded in the client application 410. The service server 430, which receives the first task process response message associated with the task process, acquires the identifier of the application server 420 from the task content of the first task process response message. The present application causes a push timer to be started and an expiration time to be set for the push timer when the first task process response message associated with the task process is received by the service server 430. When the push timer expires, the service server 430 determines the network address of the application server 420 based on the identifier of the application server 420, constructs a second task processing response message from the processing result, the task name, and the task content of the data task to be processed according to the network address of the application server 420, and sends the second task processing response message to the application server 420.
The present application encrypts a first task processing response message associated with the task processing received from the task processing server 440-1 to generate an encrypted first task processing response message, and transmits the encrypted first task processing response message to the cloud service 401 through the secure interaction channel 405 using the cloud service function 411 embedded in the client application 410. The cloud service 401 provides or sends the encrypted first task processing response message to the cloud source application 402.
The application causes the client function 403 embedded in the cloud source application 402 to decrypt the encrypted first task processing response message to obtain a decrypted first task processing response message, and parse the decrypted first task processing response message to obtain a task name, a task content, a processing result, and an expiration time. Where the expiration time is the last time the application server 420 waits for the second task processing response message from the service server 430. For example, if the expiration time is 11:30:00 on September 28, 2018, then before 11:30:00 on September 28, 2018, the application server 420, after receiving the decrypted first task processing response message, waits for the second task processing response message from the service server 430. When the current time reaches the expiration time, for example, 11:30:00 on September 28, 2018, the application server 420 does not wait for the second task processing response message from the service server 430, but determines the processing result using the received decrypted first task processing response message.
The cloud source application 402 sends a result query request including a task name to the business server 430 to cause the business server 430 to determine queried task content and processing results based on the task name. The task content and the processing result in the decrypted first task processing response message are subjected to correctness verification based on the queried task content and processing result received from the business server 430. Wherein the correctness verification may be to determine whether the task content and the processing result in the decrypted first task processing response message are the same as the queried task content and processing result received from the business server 430. When it is determined that the verification result of the task content and the processing result in the decrypted first task processing response message is correct, that is, the task content and the processing result in the decrypted first task processing response message are the same as the queried task content and processing result received from the business server 430, the decrypted first task processing response message is sent to the application server 420 associated with the cloud source application 402.
The application causes the application server 420 to parse the decrypted first task processing response message to obtain the task name, the task content, the processing result and the expiration time after receiving the decrypted first task processing response message. And when the processing result is determined to be successful, acquiring the updated content associated with the cloud source application 402 in the task content of the decrypted first task processing response message. If the current time is determined to exceed the expiration time, the running state of the cloud source application 402 is updated according to the update content associated with the cloud source application 402 in the task content of the decrypted first task processing response message.
In other cases, the application causes the application server 420 to parse the decrypted first task process response message to obtain the task name, the task content, the processing result, and the expiration time after receiving the decrypted first task process response message. When the processing result is determined to be successful, the update content associated with the cloud source application 402 in the task content of the decrypted first task processing response message is obtained. If it is determined that the current time does not exceed the expiration time, a second task processing response message associated with the cloud source application 402 from the business server 430 is awaited.
In addition, when the second task processing response message associated with the cloud source application 402 is received from the business server 430, the application server 420 determines whether the processing result in the second task processing response message is the same as the processing result in the decrypted first task processing response message, and if so, updates the running state of the cloud source application 402 according to the update content associated with the cloud source application 402 in the task content of the decrypted first task processing response message.
When receiving the second task processing response message associated with the cloud source application 402 from the business server 430, the application server 420 determines whether the processing result in the second task processing response message is the same as the processing result in the decrypted first task processing response message, and if not, does not update the running state of the cloud source application 402. The application further includes sending, to the cloud source application 402, a response message indicating that the running state update failed.
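The handling of the first and second task processing response messages described above, from the correctness verification by the cloud source application to the decision by the application server, can be sketched as follows. This is an added example, not code from the patent: the class and field names and the sample values are assumptions, the treatment of a first response whose result is not successful or of a second response with no pending first response is an assumption, and the boundary case uses the "reaches the expiration time" wording.

```python
from dataclasses import dataclass
from datetime import datetime
from enum import Enum
from typing import Dict, List, Optional, Tuple


class Decision(Enum):
    UPDATE = "update running state"
    WAIT = "wait for second response"
    REJECT = "no update, report failure"


@dataclass(frozen=True)
class FirstResponse:
    """Decrypted first task processing response (arrives via the cloud side)."""
    task_name: str
    update_content: str
    result: str
    expires_at: datetime


@dataclass(frozen=True)
class SecondResponse:
    """Second task processing response pushed by the business server."""
    task_name: str
    result: str


def passes_correctness_check(first: FirstResponse, queried_content: str,
                             queried_result: str) -> bool:
    """Check made by the cloud source application before forwarding: the
    first response must equal what the business server returns on query."""
    return (first.update_content == queried_content
            and first.result == queried_result)


class ApplicationServer:
    def __init__(self) -> None:
        self.waiting: Dict[str, FirstResponse] = {}
        self.applied: List[Tuple[str, str]] = []  # (task name, update content)

    def _apply(self, first: FirstResponse) -> Decision:
        self.applied.append((first.task_name, first.update_content))
        self.waiting.pop(first.task_name, None)
        return Decision.UPDATE

    def on_first_response(self, first: FirstResponse, now: datetime) -> Decision:
        if first.result != "success":
            return Decision.REJECT  # assumption: the text covers success only
        if now >= first.expires_at:
            return self._apply(first)  # expired: decide on the first response
        self.waiting[first.task_name] = first
        return Decision.WAIT

    def on_second_response(self, second: SecondResponse) -> Decision:
        first = self.waiting.pop(second.task_name, None)
        if first is None:
            return Decision.REJECT  # assumption: nothing to reconcile against
        if second.result == first.result:
            return self._apply(first)
        return Decision.REJECT  # results differ: state stays unchanged

    def on_clock(self, task_name: str, now: datetime) -> Optional[Decision]:
        """Called periodically; stops waiting once the expiration time is
        reached and falls back to the first response."""
        first = self.waiting.get(task_name)
        if first is None:
            return None
        return self._apply(first) if now >= first.expires_at else Decision.WAIT


def demo() -> List[Decision]:
    """Constructed run: matching results, differing results, late arrival."""
    expiry = datetime(2018, 9, 28, 11, 30, 0)
    early = datetime(2018, 9, 28, 11, 0, 0)
    first = FirstResponse("pay-001", "add prop", "success", expiry)
    out = []
    server = ApplicationServer()
    out.append(server.on_first_response(first, early))
    out.append(server.on_second_response(SecondResponse("pay-001", "success")))
    server = ApplicationServer()
    server.on_first_response(first, early)
    out.append(server.on_second_response(SecondResponse("pay-001", "failure")))
    server = ApplicationServer()
    out.append(server.on_first_response(first, datetime(2018, 9, 28, 11, 31, 0)))
    return out
```

The differing-results branch is the only point at which the application server compares the response relayed through the client side with the response pushed by the business server, so a first response that expires before the second one arrives is accepted without that comparison.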
Fig. 5 is a schematic diagram of a system 500 for processing a cloud data request of a hippocampal cloud based on a hand-tour assistant client according to a preferred embodiment of the present invention. As shown in Fig. 5, the present application utilizes a hippocampal cloud SDK (software development kit) 511 embedded in a hand-tour assistant client 510 to receive encrypted cloud data requests from a hippocampal cloud 501 through a secure interaction channel 505 between the locally running hand-tour assistant client 510 and the cloud-running hippocampal cloud 501.
Before the hippocampal cloud SDK 511 embedded in the hand-tour assistant client 510 is utilized, the hippocampal cloud SDK 511 is embedded in the locally running hand-tour assistant client 510 for establishing a secure interaction channel 505 with the cloud-running hippocampal cloud 501. Alternatively, the hippocampal cloud SDK 511 is embedded in the hand-tour assistant client 510 when the hand-tour assistant client 510 is installed in the user device. Alternatively, the hippocampal cloud SDK 511 is embedded in the hand-tour assistant client 510 when the hand-tour assistant client 510 is generated. Alternatively, the hippocampal cloud SDK 511 is installed or embedded in the hand-tour assistant client 510 in response to an installation request or an embedding request of the hippocampal cloud 501.
The hippocampal cloud SDK 511 in the hand-tour assistant client 510 is functionally independent from the hand-tour assistant client 510, i.e. the operation of the hippocampal cloud SDK 511 and the operation of the hand-tour assistant client 510 are independent from each other. The hand-tour assistant client 510 cannot modify the data received by the hippocampal cloud SDK 511 or the data to be sent. The hippocampal cloud SDK 511 is capable of sending data to and/or receiving data from the hippocampal cloud 501, but the sent and/or received data is encrypted data. The hand-tour assistant client 510 is unable to crack the encrypted data and, therefore, is unable to view and modify the data sent and/or received. That is, the data transmitted in the secure interaction channel 505 is encrypted data.
The secure interaction channel 505 between the locally running hand-tour assistant client 510 and the cloud-running hippocampal cloud 501 is a secure interaction channel 505 capable of bidirectional data transmission. According to the application, a secure interaction channel 505 is established between the hippocampal cloud SDK 511 embedded in the locally running hand-tour assistant client 510 and the hippocampal cloud 501 running in the cloud. The hippocampal cloud SDK 511 is able to send encrypted data to the hippocampal cloud 501 through the secure interaction channel 505, and the hippocampal cloud 501 is able to send encrypted data to the hippocampal cloud SDK 511 through the secure interaction channel 505.
Wherein the decrypted cloud data request comprises: an identifier of the cloud data request and a data task to be processed. The identifier of the cloud data request is used to uniquely identify the decrypted cloud data request. When the hippocampal cloud 501 generates a cloud data request according to a data task to be processed, an identifier capable of uniquely identifying the cloud data request is set/allocated for the generated cloud data request, and the cloud data request is formed by the identifier of the cloud data request and the data task to be processed. The composed cloud data request is encrypted to generate an encrypted cloud data request, and the encrypted cloud data request is sent to the hippocampal cloud SDK 511 in the hand-tour assistant client 510.
The data task to be processed comprises a task name and task content. Wherein the task name includes: task title, task identification number and task generation time. The task title is, for example, a game payment task. A task identification number is an identification or identifier used to uniquely identify a data task to be processed. The task generation time is the time at which the data task to be processed is generated. Wherein the data task to be processed may be a payment task, for example.
The data tasks to be processed are from or initiated by a game 502 running in the hippocampal cloud 501. The task content comprises: an identifier of the user who initiated the task processing, an identifier of the game 502, an identifier of the game server 520, update content associated with the game 502, and update conditions associated with the update content. The data task to be processed comes from task processing initiated by a user. For example, when a user wishes to make a payment while running game 502, task processing for a payment task may be initiated. The identifier of the user initiating the task process is used to uniquely identify this user, e.g. a user name, a user ID, etc. The identifier of game 502 is used to uniquely identify game 502, such as the name, ID, etc. of game 502. The identifier of the game server 520 is an identifier for uniquely identifying the game server 520 associated with the game 502. When game 502 is a particular game application, game server 520 is a server for the particular game application. The updated content associated with game 502 is, for example, content associated with a payment task, such as, for example, the purchase of at least one prop in the game. The update condition associated with the update content is a condition required to complete a payment task, for example, an amount of money to be paid to purchase at least one prop in the game. It should be appreciated that in a practical scenario, the task content may include a game order number, an amount, a prop name, a user identifier, and a game identifier.
The encrypted cloud data request is decrypted to obtain a decrypted cloud data request, and the decrypted cloud data request is analyzed to obtain a to-be-processed data task, wherein the to-be-processed data task is from a game 502 running in a hippocampal cloud 501.
A hand-tour payment SDK is embedded in a game 502 running in the hippocampal cloud 501. The application may embed the hand-tour payment SDK in the game 502 when the game 502 is initialized to be ready to run. Alternatively, the application may embed the hand-tour payment SDK in the game 502 when the game 502 is started for execution. The hand-tour payment SDK is used for generating a data task to be processed according to the task name and the task content.
After a to-be-processed data task is generated according to a task name and task content, the hand-tour payment SDK sends the to-be-processed data task to the hippocampal cloud 501, so that the hippocampal cloud 501 sets/allocates, for the to-be-processed data task, an identifier of the cloud data request by which the cloud distinguishes requests, or an identifier capable of uniquely identifying the cloud data request, and can generate the cloud data request according to the to-be-processed data task and the identifier of the cloud data request.
The hippocampal cloud 501 determines the identifier of the cloud data request from the identifier of the game 502 that generated the data task to be processed. For example, a hash value of the identifier of the game 502 is calculated, and the calculated hash value is used as the identifier of the cloud data request. Alternatively, the identifier of the game 502, the current time, and the task number are combined to generate an identifier of the cloud data request.
After generating a cloud data request according to the data task to be processed and the identifier of the cloud data request, the hippocampal cloud 501 encrypts the generated cloud data request to generate an encrypted cloud data request, and sends the encrypted cloud data request to the hippocampal cloud SDK 511 embedded in the hand-tour assistant client 510 through the secure interaction channel 505.
Before generating a pending data task from the task name and task content, when a change in the running state of game 502 is required during operation, a state change request including the change content is sent to game server 520 to cause game server 520 to generate a response message indicating whether the state change is permitted or not, in accordance with the state change request received from game 502. For example, when the user desires to make a payment, a data modification, or the like while running the game 502, the running state needs to be changed. To this end, game 502 sends a state change request including change content to game server 520, where the state change request may include update content associated with game 502 and update conditions associated with the update content.
Wherein generating a response message indicating whether to allow the state change according to the received state change request comprises: when game server 520 receives the state change request from game 502, validity verification is performed on the update content associated with game 502 and the update condition associated with the update content, and when it is determined that the update content associated with game 502 and the update condition associated with the update content pass the validity verification, a response message that allows the state change is transmitted to game 502. When it is determined that the update content associated with the game 502 and the update condition associated with the update content do not pass the validity verification, a response message not allowing the state change is sent to the game 502.
The validity verification includes determining whether the game 502 is allowed to perform the update of the update content and whether the update condition matches the update content. When it is determined that the game 502 is allowed to perform the update of the update content and it is determined that the update condition matches the update content, a response message allowing the state change is sent to the game 502; otherwise, a response message not allowing the state change is sent to game 502.
When game 502 receives a response message associated with a state change from game server 520, the response message associated with the state change is parsed to determine whether game server 520 allows the state change to be made. When the response message associated with the state change indicates that game server 520 allows game 502 to make the state change, game 502 generates a task name and task content based on the change content, wherein the task name includes: the task title, the task identification number and the task generation time, and the task content comprises: an identification of a user initiating the task process, an identifier of the game 502, an identifier of the game server 520, update content associated with the game 502, and update conditions associated with the update content. The game 502 generates a pending data task based on the task name and the task content.
A task processing request including the data task to be processed is transmitted to the payment center 540 to cause the payment center 540, which has received the task processing request, to perform task processing based on the task name and the task content included in the data task to be processed. Before sending the task processing request including the data task to be processed to the payment center 540, the method further includes: determining whether the data task to be processed needs to be processed by the payment center 540 according to the task name in the data task to be processed, and sending a task processing request including the data task to be processed to the payment center 540 when determining that the data task to be processed needs to be processed by the payment center 540. Upon determining that the pending data task does not need to be processed by the payment center 540, a task processing request including the pending data task is not sent to the payment center 540. For example, when the task name is a payment task, it is determined that the pending payment task needs to be processed by the payment center 540. The task processing request including the pending payment task is sent to the payment center 540. For example, when the task name is a data query task, it is determined that the data query task to be processed does not need to be processed by the payment center 540. A task processing request including the data query task to be processed is sent to the data server.
The present application causes the payment center 540 to parse the received pending data task to determine the task content. The payment center 540 selects a business process flow associated with the update content from a plurality of business process flows, for example, ApplePay and other payment methods, based on the update content associated with the game 502 in the task content. The business process flows include network payment such as ApplePay, where ApplePay is a web payment platform provided by Apple Inc. It should be understood by those skilled in the art that the present application is not limited to the use of the above-described network payment means or network payment service, but may use any past, existing or future network payment means or network payment service. For example, when a user plays a game within the application platform and needs to pay within the game (e.g., purchase equipment, etc.), a payment service needs to be initiated, and the payment can be made through network payment such as ApplePay. The selected business process flow is caused to execute business processing according to the update condition associated with the update content in the task content. That is, when the user or the game 502 satisfies the update condition associated with the update content, for example, when the amount of money meeting the requirement has been paid, the selected business process flow performs the business processing on the update content associated with the game 502, for example, adding a corresponding prop to the role of the user in the game 502.
When the selected business process flow determines that the data task to be processed has been processed, a processing result of the data task to be processed, for example, the data task to be processed is successfully completed/processed successfully, or the data task to be processed is unsuccessfully completed/processed unsuccessfully, is notified to the payment center 540, so that the payment center 540 generates a first task processing response message based on the received processing result, task name, task content, and expiration time, and sends the first task processing response message associated with the task processing to the hippocampal cloud SDK 511 embedded in the client application. Wherein the expiration time is the last time the application server waits for the second task processing response message from the service server.
The first task processing response message associated with the task processing is sent to the hand-tour assistant server 530 to which the hand-tour assistant client 510 belongs, using the hippocampal cloud SDK 511 embedded in the hand-tour assistant client 510. The hand-tour assistant server 530 that received the first task processing response message associated with the task processing acquires the identifier of the game server 520 from the task content of the first task processing response message. The present application causes a push timer to be started and the expiration time to be set for the push timer when the first task processing response message associated with the task processing is received by the hand-tour assistant server 530. When the push timer expires, the hand-tour assistant server 530 determines the network address of the game server 520 based on the identifier of the game server 520, constructs a second task processing response message from the processing result of the data task to be processed, the task name, and the task content according to the network address of the game server 520, and transmits the second task processing response message to the game server 520.
The application encrypts a first task processing response message associated with the task processing received from the payment center 540 to generate an encrypted first task processing response message, and sends the encrypted first task processing response message to the hippocampal cloud 501 through the secure interaction channel 505 using the hippocampal cloud SDK 511 embedded in the hand-tour assistant client 510. The hippocampal cloud 501 provides or sends the encrypted first task processing response message to the game 502.
The application causes the hand-tour payment SDK embedded in the game 502 to decrypt the encrypted first task processing response message to obtain a decrypted first task processing response message, and parse the decrypted first task processing response message to obtain the task name, the task content, the processing result, and the expiration time. Where the expiration time is the last time the game server 520 waits for the second task processing response message from the hand-tour assistant server 530. For example, if the expiration time is 11:30:00 on September 28, 2018, then before 11:30:00 on September 28, 2018, the game server 520, after receiving the decrypted first task processing response message, waits for the second task processing response message from the hand-tour assistant server 530. When the current time reaches the expiration time, for example, 11:30:00 on September 28, 2018, the game server 520 does not wait for the second task processing response message from the hand-tour assistant server 530, but determines the processing result using the received decrypted first task processing response message.
The game 502 sends a result query request including a task name to the hand-tour assistant server 530 to cause the hand-tour assistant server 530 to determine the queried task content and processing result based on the task name. The task content and the processing result in the decrypted first task processing response message are verified for correctness based on the queried task content and processing result received from the hand-tour assistant server 530. Wherein the correctness verification may be a determination of whether the task content and processing result in the decrypted first task processing response message are the same as the queried task content and processing result received from the hand-tour assistant server 530. When it is determined that the verification result of the task content and the processing result in the decrypted first task processing response message is correct, that is, the task content and the processing result in the decrypted first task processing response message are the same as the queried task content and processing result received from the hand-tour assistant server 530, the decrypted first task processing response message is sent to the game server 520 associated with the game 502.
The present application causes the game server 520 to parse the decrypted first task process response message to obtain the task name, the task content, the process result, and the expiration time, after receiving the decrypted first task process response message. Wherein upon determining that the processing result is successful, the update content associated with the game 502 among the task contents of the decrypted first task processing response message is acquired. If it is determined that the current time exceeds the expiration time, the running state of the game 502 is updated according to the update content associated with the game 502 among the task contents of the decrypted first task process response message.
In other cases, the present application causes the game server 520 to parse the decrypted first task process response message to obtain the task name, the task content, the processing result, and the expiration time after receiving the decrypted first task process response message. Upon determining that the processing result is successful, the update content associated with the game 502 among the task contents of the decrypted first task processing response message is acquired. If it is determined that the current time does not exceed the expiration time, then a second task processing response message associated with the game 502 from the handheld assistant server 530 is awaited.
Further, when receiving the second task processing response message associated with the game 502 from the hand-game assistant server 530, the game server 520 determines whether the processing result in the second task processing response message and the processing result in the decrypted first task processing response message are the same, and if they are, updates the running state of the game 502 according to the update content associated with the game 502 in the task content of the decrypted first task processing response message.
When receiving the second task processing response message associated with the game 502 from the hand-game assistant server 530, the game server 520 determines whether the processing result in the second task processing response message and the processing result in the decrypted first task processing response message are the same, and if not, does not update the running state of the game 502. The application also includes sending a response message to the game 502 that the running status update failed.
Fig. 6 is a schematic structural diagram of a system 600 for processing a cloud data request according to another preferred embodiment of the present invention. The system 600 can receive an encrypted cloud data request from a cloud service through a secure interaction channel between a locally running client application and the cloud service running in the cloud, and obtain a to-be-processed data task by processing the encrypted cloud data request. The system 600 sends a task processing request including the to-be-processed data task to the business server to which the client application belongs, encrypts the first task processing response message associated with task processing that it receives from the business server, and sends the encrypted first task processing response message to the cloud service through the secure interaction channel.
As shown in fig. 6, the system 600 includes: a receiving unit 601, a decryption unit 602, a transmitting unit 603, an encryption unit 604, and an initialization unit 605. The receiving unit 601 receives an encrypted cloud data request from a cloud service through a secure interaction channel between a locally running client application and a cloud service running in the cloud by using a cloud service function embedded in the client application.
The decrypted cloud data request comprises an identifier of the cloud data request and a data task to be processed. The identifier of the cloud data request is used to uniquely identify the decrypted cloud data request. When the cloud service generates a cloud data request according to a data task to be processed, it sets or assigns an identifier capable of uniquely identifying the generated cloud data request, and the identifier of the cloud data request and the data task to be processed together form the cloud data request. The cloud service then encrypts the formed cloud data request to generate an encrypted cloud data request, and sends the encrypted cloud data request to the cloud service function in the client application.
The data task to be processed comprises a task name and task content. Wherein the task name includes: task title, task identification number and task generation time. Task titles are, for example, payment tasks, data modification tasks, and the like. A task identification number is an identification or identifier used to uniquely identify a data task to be processed. The task generation time is the time at which the data task to be processed is generated. Wherein the data tasks to be processed may be, for example, payment tasks, data modification tasks, etc.
The data task to be processed comes from, or is initiated by, a cloud source application running in the cloud service. The task content comprises: an identifier of the user initiating task processing, an identifier of the cloud source application, an identifier of the application server, update content associated with the cloud source application, and update conditions associated with the update content. The data task to be processed comes from task processing initiated by a user. For example, when a user wishes to make a payment, modify data, and the like while running a cloud source application, task processing for a payment task, a data modification task, and the like may be initiated. The identifier of the user initiating the task processing is used to uniquely identify this user, e.g. a user name, a user ID, etc. The identifier of the cloud source application is used for uniquely identifying the cloud source application, such as the name, ID, and the like of the cloud source application. The identifier of the application server is an identifier for uniquely identifying the application server associated with the cloud source application. When the cloud source application is a specific game application, the application server is a server of the specific game application. The update content associated with the cloud source application is, for example, content associated with a payment task, a data modification task, and the like. The update condition associated with the update content is a condition required for completing a payment task, a data modification task, and the like.
The decryption unit 602 decrypts the encrypted cloud data request to obtain a decrypted cloud data request, and parses the decrypted cloud data request to obtain a to-be-processed data task, where the to-be-processed data task is from a cloud source application running in a cloud service. After generating the to-be-processed data task according to the task name and the task content, the client function sends the to-be-processed data task to the cloud service, so that the cloud service sets or assigns, for the to-be-processed data task, an identifier of the cloud data request used to distinguish it in the cloud, or an identifier capable of uniquely identifying the cloud data request, and can generate the cloud data request according to the to-be-processed data task and the identifier of the cloud data request.
The cloud service determines an identifier of the cloud data request according to an identifier of a cloud source application that generates the data task to be processed. For example, a hash value of an identifier of the cloud source application is calculated, and the calculated hash value is used as the identifier of the cloud data request. Alternatively, the identifier of the cloud source application, the current time, and the task number are combined to generate an identifier of the cloud data request.
After a cloud data request is generated according to a data task to be processed and an identifier of the cloud data request, the cloud service encrypts the generated cloud data request to generate an encrypted cloud data request, and the encrypted cloud data request is sent to a cloud service function embedded in the client application through a secure interaction channel.
Before the to-be-processed data task is generated according to the task name and task content, when the cloud source application needs to change its running state while running, it sends a state change request including change content to the application server, prompting the application server to generate a response message indicating whether the state change is allowed according to the state change request received from the cloud source application. For example, when a user wishes to perform payment, data modification, and the like while running a cloud source application, the running state needs to be changed. To this end, the cloud source application sends a state change request including change content to the application server, wherein the state change request may include update content associated with the cloud source application and update conditions associated with the update content.
Wherein generating a response message indicating whether to allow the state change according to the received state change request comprises: when the application server receives the state change request from the cloud source application, validity verification is carried out on the updating content associated with the cloud source application and the updating condition associated with the updating content, and when the updating content associated with the cloud source application and the updating condition associated with the updating content are determined to pass the validity verification, a response message allowing the state change is sent to the cloud source application. When the update content associated with the cloud source application and the update condition associated with the update content are determined not to pass the validity verification, a response message that the state change is not allowed is sent to the cloud source application.
The validity verification comprises the steps of determining whether the cloud source application is allowed to update the updating content and whether the updating condition is matched with the updating content. When the cloud source application is determined to be allowed to update the update content, and the update condition is determined to be matched with the update content, sending a response message allowing state change to the cloud source application; and otherwise, sending a response message which does not allow the state change to the cloud source application.
When the cloud source application receives a response message associated with the state change from the application server, the response message associated with the state change is parsed to determine whether the application server allows the state change. When the response message associated with the state change indicates that the application server allows the cloud source application to perform the state change, the cloud source application generates a task name and task content based on the change content, wherein the task name comprises: the task title, the task identification number and the task generation time, and the task content comprises: an identifier of the user initiating task processing, an identifier of the cloud source application, an identifier of the application server, update content associated with the cloud source application, and update conditions associated with the update content. The cloud source application then generates a data task to be processed according to the task name and the task content.
The transmitting unit 603 transmits a task processing request including a data task to be processed to the task processing server to cause the task processing server that received the task processing request to perform task processing based on a task name and task content included in the data task to be processed. Alternatively, the application may select a task processing server associated with the data task to be processed from the plurality of task processing servers according to the task name in the data task to be processed.
Before sending a task processing request including a data task to be processed to the task processing server, the method further comprises determining whether the data task to be processed needs to be processed by the task processing server. When it is determined that the data task to be processed needs to be processed by the task processing server, a task processing request including the data task to be processed is sent to the task processing server. When it is determined that the data task to be processed does not need to be processed by the task processing server, a task processing request including the data task to be processed is not sent to the task processing server. For example, when the task name is a payment task, it is determined that the pending payment task needs to be processed by the task processing server, e.g., by the payment center, and the task processing request including the payment task to be processed is sent to the task processing server. When the task name is a data query task, it is determined that the data query task to be processed does not need to be processed by the task processing server, and a task processing request including the data query task to be processed is sent to the data server.
The application causes a task processing server, such as a payment center or a data server, to parse a received data task to be processed to determine task content. The task processing server selects a business processing flow associated with the update content from the plurality of business processing flows based on the update content associated with the cloud source application in the task content. The selected business processing flow is then caused to execute business processing according to the update condition associated with the update content in the task content. That is, when the user or the cloud source application satisfies the update condition associated with the update content, the selected business processing flow performs business processing on the update content associated with the cloud source application.
When the selected business processing flow determines that the data task to be processed has been processed, it notifies the task processing server of the processing result of the data task to be processed (for example, that the data task was completed or processed successfully, or that it was not completed or processing failed), so that the task processing server generates a first task processing response message based on the received processing result, task name, task content and expiration time, and sends the first task processing response message associated with the task processing to the cloud service function embedded in the client application. The expiration time is the latest time until which the application server waits for the second task processing response message from the business server.
The cloud service function embedded in the client application sends the first task processing response message associated with task processing to the business server to which the client application belongs. The business server receiving the first task processing response message associated with the task processing acquires the identifier of the application server from the task content of the first task processing response message. The application causes a push timer to be started, and an expiration time to be set for the push timer, when the first task processing response message associated with task processing is received by the business server. For example, the current time is 11:20:05 on September 28, 2018, and the expiration time is 11:25:36 on September 28, 2018. When the push timer expires, for example when the current time reaches 11:25:36 on September 28, 2018, the business server determines the network address of the application server based on the identifier of the application server, forms a second task processing response message from the processing result, the task name and the task content of the data task to be processed, and sends the second task processing response message to the application server at that network address.
The sending unit 603 sends the encrypted first task processing response message to the cloud service through the secure interaction channel by using the cloud service function embedded in the client application. The cloud service provides or sends the encrypted first task processing response message to the cloud source application. The method and the system prompt the client function embedded in the cloud source application to decrypt the encrypted first task processing response message to obtain the decrypted first task processing response message, and to parse the decrypted first task processing response message to obtain the task name, the task content, the processing result and the expiration time. The cloud source application sends a result query request including the task name to the business server to cause the business server to determine the queried task content and processing result based on the task name. The task content and the processing result in the decrypted first task processing response message are then verified for correctness against the queried task content and processing result received from the business server. The correctness verification may be a determination of whether the task content and the processing result in the decrypted first task processing response message are the same as the queried task content and processing result received from the business server. When the verification is determined to be correct, that is, when the task content and the processing result in the decrypted first task processing response message are the same as the queried task content and processing result received from the business server, the decrypted first task processing response message is sent to the application server associated with the cloud source application.
The encryption unit 604 encrypts the first task processing response message associated with the task processing received from the task processing server to generate an encrypted first task processing response message. The method and the device enable the client function embedded in the cloud source application to decrypt the encrypted first task processing response message to obtain the decrypted first task processing response message, and to parse the decrypted first task processing response message to obtain the task name, the task content, the processing result and the expiration time. The expiration time is the latest time until which the application server waits for the second task processing response message from the business server. For example, if the expiration time is 11:30:00 on September 28, 2018, then after receiving the decrypted first task processing response message the application server waits for the second task processing response message from the business server until 11:30:00 on September 28, 2018. When the current time reaches the expiration time, for example 11:30:00 on September 28, 2018, the application server no longer waits for the second task processing response message from the business server, but determines the processing result using the received decrypted first task processing response message.
After receiving the decrypted first task processing response message, the application server is prompted to parse it to obtain the task name, the task content, the processing result and the expiration time. When the processing result is determined to be successful, the application server acquires the update content associated with the cloud source application from the task content of the decrypted first task processing response message. If the current time exceeds the expiration time, the running state of the cloud source application is updated according to the update content associated with the cloud source application in the task content of the decrypted first task processing response message.
In other cases, after receiving the decrypted first task processing response message, the application server is prompted to parse it to obtain the task name, the task content, the processing result and the expiration time. When the processing result is determined to be successful, the application server acquires the update content associated with the cloud source application from the task content of the decrypted first task processing response message. If the current time is determined not to exceed the expiration time, the application server waits for a second task processing response message associated with the cloud source application from the business server.
In addition, when a second task processing response message associated with the cloud source application is received from the business server, the application server determines whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if so, updates the running state of the cloud source application according to an update content associated with the cloud source application in the task content of the decrypted first task processing response message.
When a second task processing response message associated with the cloud source application is received from the business server, the application server determines whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if not, the running state of the cloud source application is not updated. The method further comprises the step of sending a response message of failure in updating the running state to the cloud source application.

The correctness check performed by the cloud source application and the application server's handling of the first and second task processing response messages, as an added Python example that is not code from the patent. The class, function and field names and the sample task values are assumptions; the times reuse the 11:30:00, September 28, 2018 example.

```python
from dataclasses import dataclass
from datetime import datetime
from enum import Enum
from typing import Optional


class Decision(Enum):
    UPDATE = "update running state"
    WAIT = "wait for second response"
    REJECT = "do not update, report failure"


@dataclass(frozen=True)
class TaskResponse:
    """Fields named in the text; the Python names are assumptions."""
    task_name: str                         # title, identification number, generation time
    task_content: dict                     # carries the update content
    result: str                            # "success" or "failure"
    expiration: Optional[datetime] = None  # carried by the first response only


def verify_against_query(first: TaskResponse, queried_content: dict,
                         queried_result: str) -> bool:
    """Cloud source application side: the first response is forwarded to the
    application server only if it equals what the business server returns
    for the same task name."""
    return first.task_content == queried_content and first.result == queried_result


def decide(first: TaskResponse, now: datetime,
           second: Optional[TaskResponse] = None) -> Decision:
    """Application server side: reconcile the first response (relayed through
    the client) with the second response (pushed by the business server)."""
    if first.expiration is None:
        raise ValueError("first response must carry an expiration time")
    if first.result != "success":
        # Assumption: the text only describes the success path.
        return Decision.REJECT
    if second is not None:
        # Assumption: the task name ties the second message to the first.
        if second.task_name != first.task_name:
            return Decision.REJECT
        # Stated rule: update only when both processing results are the same.
        return Decision.UPDATE if second.result == first.result else Decision.REJECT
    if now >= first.expiration:
        # Stated rule: at expiry the server stops waiting and relies on the
        # first response alone.
        return Decision.UPDATE
    return Decision.WAIT


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    content = {"user": "user-1", "app": "cloud-app-1", "update": "add 10 coins"}
    name = "payment task|T-0001|2018-09-28T11:20:00"
    first = TaskResponse(name, content, "success", datetime(2018, 9, 28, 11, 30, 0))

    print(verify_against_query(first, dict(content), "success"))
    print(decide(first, datetime(2018, 9, 28, 11, 20, 5)))
    print(decide(first, datetime(2018, 9, 28, 11, 25, 36),
                 TaskResponse(name, content, "failure")))
    print(decide(first, datetime(2018, 9, 28, 11, 30, 0)))
```

Before the expiration time, only a matching second response leads to an update; once the expiration time is reached without one, the decision rests on the first response, which is why the earlier query-based check against the business server matters.
<test>
from datetime import datetime

content = {"user": "user-1", "app": "cloud-app-1", "update": "add 10 coins"}
name = "payment task|T-0001|2018-09-28T11:20:00"
first = TaskResponse(name, content, "success", datetime(2018, 9, 28, 11, 30, 0))

assert verify_against_query(first, dict(content), "success") is True
assert verify_against_query(first, {"update": "add 9999 coins"}, "success") is False
assert verify_against_query(first, dict(content), "failure") is False

assert decide(first, datetime(2018, 9, 28, 11, 20, 5)) is Decision.WAIT
assert decide(first, datetime(2018, 9, 28, 11, 30, 0)) is Decision.UPDATE
assert decide(first, datetime(2018, 9, 28, 11, 25, 36),
              TaskResponse(name, content, "success")) is Decision.UPDATE
assert decide(first, datetime(2018, 9, 28, 11, 25, 36),
              TaskResponse(name, content, "failure")) is Decision.REJECT
assert decide(first, datetime(2018, 9, 28, 11, 25, 36),
              TaskResponse("other task", content, "success")) is Decision.REJECT

failed = TaskResponse(name, content, "failure", datetime(2018, 9, 28, 11, 30, 0))
assert decide(failed, datetime(2018, 9, 28, 11, 31, 0)) is Decision.REJECT
</test>
The initialization unit 605 embeds a cloud service function for establishing a secure interaction channel with a cloud service running in the cloud into a client application running in the local. Alternatively, the cloud service functionality is embedded into the client application when the client application is installed into the user device. Alternatively, the cloud service functionality is embedded into the client application when the client application is generated. Alternatively, the cloud service function is installed or embedded in the client application in response to an installation request or an embedding request of the cloud service.
The cloud service function in the client application is functionally independent from the client application, that is, the operation of the cloud service function and the operation of the client application are independent from each other. The client application cannot modify data received by the cloud service function or data to be sent. The cloud service function can send and/or receive data to the cloud service, but the sent and/or received data are encrypted data. The client application cannot crack encrypted data and therefore cannot view and modify transmitted and/or received data. That is, the data transmitted in the secure interaction channel is encrypted data.
The secure interaction channel between the locally running client application and the cloud service running in the cloud is a secure interaction channel capable of bidirectional data transmission. In this application, the secure interaction channel is established between the cloud service function embedded in the locally running client application and the cloud service running in the cloud. The cloud service function can send the encrypted data to the cloud service through the secure interaction channel, and the cloud service can send the encrypted data to the cloud service function through the secure interaction channel.
The initialization unit 605 embeds a client function in a cloud source application running in a cloud service. The client function can be embedded in the cloud source application when the cloud source application is initialized and ready to run. Alternatively, the client function can be embedded in the cloud source application when the cloud source application is started and running. The client function is used for generating the data task to be processed according to the task name and the task content.
The invention has been described with reference to a few embodiments. However, other embodiments of the invention than the one disclosed above are equally possible within the scope of the invention, as would be apparent to a person skilled in the art from the appended patent claims.
Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a/an/the [ means, component, etc ]" are to be interpreted openly as referring to at least one instance of said means, component, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.

Claims (51)

1. A method for processing a cloud data request, the method for processing a cloud data request performed by a system for processing a cloud data request, the method comprising:
receiving an encrypted cloud data request from a cloud service through a secure interaction channel between a locally-operated client application and the cloud service operated at the cloud by using a cloud service function embedded in the client application;
decrypting the encrypted cloud data request to obtain a decrypted cloud data request, and analyzing the decrypted cloud data request to obtain a data task to be processed, wherein the data task to be processed is from a cloud source application running in a cloud service;
sending a task processing request including a data task to be processed to a task processing server to prompt the task processing server receiving the task processing request to perform task processing based on a task name and task content included in the data task to be processed; and
encrypting a first task processing response message associated with task processing received from the task processing server to generate an encrypted first task processing response message, and sending the encrypted first task processing response message to the cloud service through the secure interaction channel using the cloud service function embedded in the client application.
2. The method of claim 1, further comprising embedding, in the locally running client application, cloud service functionality for establishing a secure interaction channel with a cloud service running in the cloud, prior to utilizing the cloud service functionality embedded in the client application.
3. The method of claim 1 or 2, the cloud service function and the client application being functionally independent of each other, and the client application being unable to modify data received by the cloud service function or data to be transmitted.
4. The method of claim 1, wherein the data transmitted in the secure interaction channel is encrypted data.
5. The method of claim 1, the decrypted cloud data request comprising: an identifier of the cloud data request and the data task to be processed, wherein the identifier of the cloud data request is used for uniquely identifying the decrypted cloud data request.
6. The method of claim 1, wherein task names comprise: task title, task identification number and task generation time.
7. The method of claim 1, wherein task content comprises: an identifier of a user initiating task processing, an identifier of a cloud source application, an identifier of an application server, update content associated with the cloud source application and update conditions associated with the update content.
8. The method of claim 1, further comprising embedding client functionality in a cloud-sourced application running in the cloud service, the client functionality to generate pending data tasks from task names and task content.
9. The method of claim 1, wherein the client function sends the data task to be processed to the cloud service, so that the cloud service allocates an identifier of a cloud data request for cloud identification differentiation to the data task to be processed, and can generate the cloud data request according to the data task to be processed and the identifier of the cloud data request.
10. The method of claim 1, the cloud service determining an identifier of the cloud data request from an identifier of a cloud source application that generated the pending data task.
11. The method of claim 1, the cloud service encrypting the generated cloud data request to generate an encrypted cloud data request, the encrypted cloud data request being sent to a cloud service function embedded in the client application through the secure interaction channel.
12. The method of claim 1, further comprising sending a status change request including change content to the application server when the cloud source application needs to make a change in the running status during running, so as to cause the application server to generate a response message indicating whether the status change is allowed according to the status change request received from the cloud source application.
13. The method of claim 1, when the cloud source application receives a response message associated with the state change from the application server, parsing the response message associated with the state change to determine whether the application server allows the state change, when the response message associated with the state change indicates that the application server allows the cloud source application to make the state change, the cloud source application generating a task name and task content based on the change content, wherein the task name comprises: the task title, the task identification number and the task generation time, and the task content comprises: an identifier of a user initiating task processing, an identifier of a cloud source application, an identifier of an application server, update content associated with the cloud source application, and update conditions associated with the update content; and
generating a data task to be processed according to the task name and the task content.
14. The method of claim 1, prior to sending a task processing request including a data task to be processed to a task processing server, further comprising:
when it is determined that the data task to be processed needs to be processed by the task processing server, sending a task processing request comprising the data task to be processed to the task processing server.
15. The method of claim 1, causing the task processing server to parse the received pending data task to determine task content, selecting a business process flow associated with the update content from the plurality of business process flows based on the update content associated with the cloud source application in the task content, causing the selected business process flow to perform the business process according to an update condition associated with the update content in the task content.
16. The method of claim 1, notifying the task processing server of the processing result of the data task to be processed when the selected business process flow determines that the processing of the data task to be processed has been completed, so that the task processing server generates a first task processing response message based on the received processing result, task name, task content, and expiration time, and sends the first task processing response message associated with the task processing to the cloud service function embedded in the client application.
17. The method of claim 1, sending a first task process response message associated with task processing to a business server to which the client application belongs using a cloud service function embedded in the client application.
18. The method of claim 1, wherein the service server receiving the first task process response message associated with the task process obtains the identifier of the application server from the task content of the first task process response message.
19. The method of claim 1, further comprising causing a push timer to be started and set an expiration time for the push timer when the service server receives the first task processing response message, determining a network address of the application server based on an identifier of the application server when the push timer expires, forming a second task processing response message from a processing result, a task name and a task content of the data task to be processed according to the network address of the application server, and transmitting the second task processing response message to the application server.
20. The method of claim 1, further comprising causing the embedded client function in the cloud-source application to decrypt the encrypted first task process response message to obtain a decrypted first task process response message, parse the decrypted first task process response message to obtain a task name, task content, a processing result, and an expiration time;
sending a result query request including a task name to the business server to cause the business server to determine queried task content and processing results based on the task name;
verifying the correctness of the task content and the processing result in the decrypted first task processing response message based on the inquired task content and the processing result received from the task server; and
when the verification result of the task content and the processing result in the decrypted first task processing response message is determined to be correct, sending the decrypted first task processing response message to an application server associated with the cloud source application.
21. The method of claim 1, further comprising causing the application server, upon receiving the decrypted first task process response message, to parse the decrypted first task process response message to obtain a task name, task content, process results, and an expiration time;
when the processing result is determined to be successful, acquiring update content associated with the cloud source application in the task content of the decrypted first task processing response message; and
if the current time is determined to exceed the expiration time, updating the running state of the cloud source application according to the update content associated with the cloud source application in the task content of the decrypted first task processing response message.
22. The method of claim 1, further comprising causing the application server, upon receiving the decrypted first task process response message, to parse the decrypted first task process response message to obtain a task name, task content, process results, and an expiration time;
when the processing result is determined to be successful, acquiring update content associated with the cloud source application in the task content of the decrypted first task processing response message;
and if the current time is determined not to exceed the expiration time, waiting for a second task processing response message associated with the cloud source application from the business server.
23. The method according to claim 1, further comprising, when receiving a second task processing response message associated with the cloud source application from the business server, the application server determining whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if so, updating the running state of the cloud source application according to an update content associated with the cloud source application in task content of the decrypted first task processing response message.
24. The method of claim 1, further comprising, when receiving a second task processing response message associated with the cloud-source application from the business server, the application server determining whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if not, not updating the running status of the cloud-source application.
25. The method of claim 1, further comprising sending a response message to the cloud source application that the running status update failed.
26. A system for processing cloud-based data requests, the system comprising:
the receiving unit is used for receiving an encrypted cloud data request from the cloud service through a secure interaction channel between the locally-operated client application and the cloud service operated at the cloud end by utilizing the cloud service function embedded in the client application;
the decryption unit is used for decrypting the encrypted cloud data request to obtain a decrypted cloud data request and analyzing the decrypted cloud data request to obtain a data task to be processed, wherein the data task to be processed is from a cloud source application running in the cloud service;
a sending unit that sends a task processing request including a data task to be processed to a task processing server to cause the task processing server that received the task processing request to perform task processing based on a task name and task content included in the data task to be processed; and
the encryption unit is used for encrypting a first task processing response message which is received from the task processing server and is associated with the task processing to generate an encrypted first task processing response message, and sending the encrypted first task processing response message to the cloud service through the secure interaction channel by using the cloud service function embedded in the client application.
27. The system of claim 26, further comprising an initialization unit that embeds in a locally running client application a cloud service function for establishing a secure interaction channel with a cloud service running in a cloud.
28. The system of claim 26 or 27, the cloud service function and the client application being functionally independent of each other, and the client application being unable to modify data received by the cloud service function or data to be transmitted.
29. The system of claim 26, wherein the data transmitted in the secure interaction channel is encrypted data.
30. The system of claim 26, the decrypted cloud data request comprising: an identifier of the cloud data request and the data task to be processed, wherein the identifier of the cloud data request is used for uniquely identifying the decrypted cloud data request.
31. The system of claim 26, wherein task names include: task title, task identification number and task generation time.
32. The system of claim 26, wherein task content comprises: an identifier of a user initiating task processing, an identifier of a cloud source application, an identifier of an application server, update content associated with the cloud source application, and update conditions associated with the update content.
33. The system of claim 26, further comprising an initialization unit to embed a client function in a cloud source application running in the cloud service, the client function to generate a pending data task from a task name and task content.
34. The system of claim 26, wherein the client function sends the pending data task to the cloud service, such that the cloud service allocates an identifier of the cloud data request for cloud identification differentiation to the pending data task, and is capable of generating the cloud data request according to the pending data task and the identifier of the cloud data request.
35. The system of claim 26, the cloud service determining an identifier of the cloud data request from an identifier of a cloud source application that generated the pending data task.
36. The system of claim 26, the cloud service encrypts the generated cloud data request to generate an encrypted cloud data request, the encrypted cloud data request being sent to the cloud service function embedded in the client application through the secure interaction channel.
37. The system of claim 26, further comprising sending a state change request including change content to the application server to cause the application server to generate a response message indicating whether the state change is allowed or not according to the state change request received from the cloud source application when the cloud source application needs to make a change in the running state during running.
38. The system of claim 26, wherein when the cloud source application receives a response message from the application server associated with the status change, the response message associated with the status change is parsed to determine whether the application server allows the status change, and when the response message associated with the status change indicates that the application server allows the cloud source application to make the status change, the cloud source application generates a task name and task content based on the change content, wherein the task name comprises: the task title, the task identification number and the task generation time, and the task content comprises: an identifier of a user initiating task processing, an identifier of a cloud source application, an identifier of an application server, update content associated with the cloud source application, and update conditions associated with the update content; and
generating a data task to be processed according to the task name and the task content.
39. The system of claim 26, wherein the sending unit determines whether the data task to be processed needs to be processed by the task processing server according to a task name in the data task to be processed, and sends a task processing request including the data task to be processed to the task processing server when it is determined that the data task to be processed needs to be processed by the task processing server.
40. The system of claim 26, the task processing server is caused to parse the received pending data task to determine task content, a business process flow associated with the update content is selected from the plurality of business process flows based on an update content of the task content associated with the cloud source application, and the selected business process flow is caused to perform the business process according to an update condition of the task content associated with the update content.
41. The system of claim 26, when the selected business process flow determines that the data task to be processed has been processed completely, notifying the task processing server of a processing result of the data task to be processed, such that the task processing server generates a first task process response message based on the received processing result, task name, task content, and expiration time, and sends the first task process response message associated with the task process to the cloud service function embedded in the client application.
42. The system according to claim 26, wherein the sending unit sends the first task process response message associated with the task process to the service server to which the client application belongs, using a cloud service function embedded in the client application.
43. The system of claim 26, wherein the service server that receives the first task process response message associated with the task process obtains the identifier of the application server from the task content of the first task process response message.
44. The system of claim 26, further comprising causing a push timer to be started and set an expiration time for the push timer when the service server receives the first task processing response message, the service server determining a network address of the application server based on an identifier of the application server when the push timer expires, constructing a second task processing response message from a processing result, a task name and a task content of the data task to be processed according to the network address of the application server, and transmitting the second task processing response message to the application server.
45. The system of claim 26, further comprising causing the embedded client function in the cloud source application to decrypt the encrypted first task process response message to obtain a decrypted first task process response message, parse the decrypted first task process response message to obtain a task name, task content, process results, and an expiration time;
sending a result query request including a task name to the business server to cause the business server to determine queried task content and processing results based on the task name;
verifying the correctness of the task content and the processing result in the decrypted first task processing response message based on the inquired task content and the processing result received from the task server; and
when the verification result of the task content and the processing result in the decrypted first task processing response message is determined to be correct, sending the decrypted first task processing response message to an application server associated with the cloud source application.
46. The system of claim 26, further comprising causing the application server, upon receiving the decrypted first task process response message, to parse the decrypted first task process response message to obtain a task name, task content, process results, and an expiration time;
when the processing result is determined to be successful, acquiring update content associated with the cloud source application in the task content of the decrypted first task processing response message; and
if the current time is determined to exceed the expiration time, updating the running state of the cloud source application according to the update content associated with the cloud source application in the task content of the decrypted first task processing response message.
47. The system of claim 26, further comprising causing the application server, upon receiving the decrypted first task process response message, to parse the decrypted first task process response message to obtain a task name, task content, process results, and an expiration time;
when the processing result is determined to be successful, acquiring update content associated with the cloud source application in the task content of the decrypted first task processing response message;
and if the current time is determined not to exceed the expiration time, waiting for a second task processing response message associated with the cloud source application from the business server.
48. The system of claim 26, further comprising, when receiving a second task processing response message associated with the cloud-source application from the business server, the application server determining whether a processing result in the second task processing response message is the same as a processing result in the decrypted first task processing response message, and if so, updating the running state of the cloud-source application according to an update content associated with the cloud-source application in task content of the decrypted first task processing response message.
49. The system of claim 26, further comprising, when receiving a second task process response message associated with the cloud-source application from the business server, the application server determining whether the processing result in the second task process response message is the same as the processing result in the decrypted first task process response message, and if not, not updating the operating status of the cloud-source application.
50. The system of claim 26, further comprising sending a response message to the cloud source application that the running status update failed.
51. A mobile terminal comprising a system as claimed in any of claims 26 to 50.
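The result cross-check of claims 20 and 45 and the application server's update decision of claims 21 to 25 (mirrored in claims 46 to 50), written out as an added Python example that is not code from the patent. The names `TaskResponse`, `ApplicationServer`, `cross_check`, the string values such as "success" and "update_failed", and the handling of the two branches marked as assumptions are hypothetical; the sample messages are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class TaskResponse:
    """Fields the claims say a task processing response message carries."""
    task_name: str            # task title, identification number, generation time
    task_content: dict        # holds "update_content" for the cloud source application
    result: str               # processing result, "success" or "failure" (assumed values)
    expiration: float = 0.0   # expiration time; only the first response carries it


def cross_check(first, queried_content, queried_result):
    """Claims 20/45: compare the decrypted first response with what the
    business server returns for the same task name."""
    return first.task_content == queried_content and first.result == queried_result


class ApplicationServer:
    """Decision logic of claims 21-25 (and 46-50) on the application server."""

    def __init__(self):
        self.running_state = {}
        self.pending = {}  # task_name -> first response awaiting the second one

    def on_first_response(self, first, now):
        if first.result != "success":
            return "update_failed"   # assumption: the claims leave this branch open
        if now > first.expiration:
            # Claims 21/46 as worded: past the expiration time, update directly.
            self._apply(first)
            return "updated"
        # Claims 22/47: not yet expired, wait for the business server's push.
        self.pending[first.task_name] = first
        return "waiting"

    def on_second_response(self, second):
        first = self.pending.pop(second.task_name, None)
        if first is None:
            return "ignored"         # assumption: nothing is waiting on this task
        if second.result == first.result:
            self._apply(first)       # claims 23/48: results agree, apply the update
            return "updated"
        return "update_failed"       # claims 24-25/49-50: mismatch, state untouched

    def _apply(self, first):
        self.running_state.update(first.task_content["update_content"])


def demo():
    """Constructed sample messages; returns the outcome of three scenarios."""
    content = {"update_content": {"level": 2}}
    first = TaskResponse("upgrade#1@t0", content, "success", expiration=100.0)
    agree, differ, late = ApplicationServer(), ApplicationServer(), ApplicationServer()
    out = {
        "agree": (agree.on_first_response(first, now=50.0),
                  agree.on_second_response(TaskResponse("upgrade#1@t0", content, "success"))),
        "differ": (differ.on_first_response(first, now=50.0),
                   differ.on_second_response(TaskResponse("upgrade#1@t0", content, "failure"))),
        "late": (late.on_first_response(first, now=150.0),),
    }
    return out, agree.running_state, differ.running_state


if __name__ == "__main__":
    print(demo())
```

The second response reaches the application server from the business server rather than through the cloud service, so a first response altered in transit shows up as a result mismatch and the running state stays unchanged.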
CN201811237834.9A 2018-10-23 2018-10-23 Method and system for processing cloud data request Active CN109495451B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811237834.9A CN109495451B (en) 2018-10-23 2018-10-23 Method and system for processing cloud data request

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811237834.9A CN109495451B (en) 2018-10-23 2018-10-23 Method and system for processing cloud data request

Publications (2)

Publication Number Publication Date
CN109495451A CN109495451A (en) 2019-03-19
CN109495451B true CN109495451B (en) 2023-02-17

Family

ID=65692571

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811237834.9A Active CN109495451B (en) 2018-10-23 2018-10-23 Method and system for processing cloud data request

Country Status (1)

Country Link
CN (1) CN109495451B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113472866A (en) * 2021-06-23 2021-10-01 北京理工大学珠海学院 Cloud neural network data interface method based on TCP (Transmission control protocol)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106656540A (en) * 2015-11-02 2017-05-10 广州爱九游信息技术有限公司 Client side configuration method, device and system
CN107079000A (en) * 2014-04-30 2017-08-18 谷歌公司 Software development kit platform
CN107645481A (en) * 2016-07-21 2018-01-30 腾讯科技(深圳)有限公司 A kind of data processing method, system and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2958021A1 (en) * 2014-06-20 2015-12-23 Nederlandse Organisatie voor toegepast- natuurwetenschappelijk onderzoek TNO Data verification in a distributed data processing system

Also Published As

Publication number Publication date
CN109495451A (en) 2019-03-19

Similar Documents

Publication Publication Date Title
US9577991B2 (en) System and method for processing transactions
CN101529412B (en) Data file access control
CN106936577B (en) Method, terminal and system for certificate application
CN109471865A (en) A kind of off-line data management method, system, server and storage medium
CN105897668A (en) Third party account authorization method, device, server and system
WO2007110951A1 (en) User verifying device, method and program
CN102098162A (en) Method for performing safety management of operation and maintenance based on security token
CN110574350B (en) Method and system for performing a prioritized generation of a second factor certificate
CN110069909B (en) Method and device for login of third-party system without secret
CN105191293A (en) Advertising download verification
CN112035822A (en) Multi-application single sign-on method, device, equipment and storage medium
KR20140098912A (en) A system and method for distributing allication
CN111628871A (en) Block chain transaction processing method and device, electronic equipment and storage medium
CN111984936B (en) Authorization distribution method, device, server and storage medium
CN109471723B (en) Method and system for verifying processing result of task
CN104580063A (en) A network management security authentication method and device, and network management security authentication system
CN109495451B (en) Method and system for processing cloud data request
CN109151068B (en) Method and system for processing cloud-end data request based on client-end application
EP3021516A1 (en) Method and server for providing transaction keys
CN112565236A (en) Information authentication method, device, computer equipment and storage medium
CN115766294B (en) Cloud server resource authentication processing method, device, equipment and storage medium
CN110602133A (en) Intelligent contract processing method, block chain management device and storage medium
KR20140090279A (en) Service security authentication method and web application server therof
JP5400096B2 (en) Attribute information disclosure system and attribute information disclosure method
CN108234401B (en) Method and device for authorizing service system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant