CN111859403A - Method and device for determining dependency vulnerability, electronic equipment and storage medium - Google Patents
Method and device for determining dependency vulnerability, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN111859403A CN111859403A CN202010754824.3A CN202010754824A CN111859403A CN 111859403 A CN111859403 A CN 111859403A CN 202010754824 A CN202010754824 A CN 202010754824A CN 111859403 A CN111859403 A CN 111859403A
- Authority
- CN
- China
- Prior art keywords
- batch
- dependency relationship
- job
- jobs
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the disclosure provides a method and a device for determining a dependency vulnerability, electronic equipment and a storage medium, which can be used in the field of information security or finance. The method comprises the following steps: acquiring an actual dependency relationship among a plurality of batch jobs in a process of executing the plurality of batch jobs, wherein the plurality of batch jobs are jobs calling the same batch file; acquiring a preset dependency relationship among a plurality of batch jobs predefined in an operation control system; and determining a result for representing the possibility of vulnerability of the preset dependency relationship in the job control system according to the actual dependency relationship and the preset dependency relationship among the batch jobs.
Description
Technical Field
The embodiment of the disclosure relates to the technical field of computers, and more particularly, to a method and an apparatus for determining dependency vulnerability in batch operation, an electronic device and a storage medium.
Background
The host batch application system calls a batch job program through batch jobs of the host, accesses the batch files through the batch job program to obtain processing results, and stores the processing results into the batch files.
Because the host batch application system itself has a logical relationship, that is, it requires that part of the batch jobs need to be executed sequentially, and another part of the batch jobs do not need to be executed sequentially, FOR the batch jobs that do not need to be executed sequentially, it needs to be executed in parallel in order to improve the efficiency of the batch jobs, and FOR the batch jobs that need to be executed sequentially, it needs to ensure that the sequential execution relationship among the batch jobs is correct, and the sequential execution among the batch jobs is usually controlled by a job control system (TWS) of the host, therefore, in order to ensure the efficiency of the batch jobs and improve the correctness of the batch jobs, it needs to ensure that the sequential execution relationship among the batch jobs set in the job control system is correct. The sequential execution refers to providing a batch file obtained after one batch job is executed for another batch job to use. Two bulk files having a sequential execution relationship are referred to as bulk files having a dependency relationship (i.e., a context relationship).
In implementing the disclosed concept, the inventors found that there are at least the following problems in the related art: whether the dependency relationship set in the operation control system has a bug or not is difficult to determine by adopting the related technology.
Disclosure of Invention
In view of this, the present disclosure provides a method and an apparatus for determining a dependency vulnerability in a batch job, an electronic device, and a storage medium.
One aspect of the embodiments of the present disclosure provides a method for determining a dependency vulnerability in batch operations, where the method includes: acquiring an actual dependency relationship among a plurality of batch jobs in a process of executing the batch jobs, wherein the batch jobs are jobs calling the same batch file; acquiring a preset dependency relationship among the batch jobs predefined in the job control system; and determining a result for representing the possibility of the vulnerability of the preset dependency relationship in the job control system according to the actual dependency relationship and the preset dependency relationship among the batch jobs.
According to an embodiment of the present disclosure, the determining, according to the actual dependency relationship and the preset dependency relationship among the batch jobs, a result for representing a possibility that a preset dependency relationship in the job control system has a vulnerability includes: determining that a preset dependency relationship with a leak exists in the job control system under the condition that the actual dependency relationship among the plurality of batch jobs is inconsistent with the preset dependency relationship; and determining that the preset dependency relationship in the job control system is normal when the actual dependency relationship between the plurality of batch jobs is consistent with the preset dependency relationship.
According to an embodiment of the present disclosure, in a case that an actual dependency relationship between the plurality of batch jobs is inconsistent with the preset dependency relationship, the method further includes: and storing the target batch operation corresponding to the preset dependency relationship with the holes in an in-doubt data table.
According to an embodiment of the present disclosure, after storing the target batch job corresponding to the preset dependency relationship with the leak in an in-doubt data table, the method further includes: acquiring access time set for each batch job in the target batch jobs in the job control system; and determining that the preset dependency corresponding to the target batch job in the job control system is normal under the condition that the access time set by each batch job in the target batch job is different.
According to an embodiment of the present disclosure, after storing the target batch job corresponding to the preset dependency relationship with the leak in an in-doubt data table, the method further includes: and determining that a preset dependency corresponding to the target batch job in the job control system is normal when the target batch job is an invalid batch job.
According to an embodiment of the present disclosure, after storing the target batch job corresponding to the preset dependency relationship with the leak in an in-doubt data table, the method further includes: determining batch files corresponding to the target batch jobs; and determining that the preset dependency corresponding to the target batch job in the job control system is normal under the condition that the batch file corresponding to the target batch job is an invalid batch file.
According to an embodiment of the present disclosure, the obtaining the actual dependency relationship between the plurality of batch jobs in the process of executing the plurality of batch jobs includes: acquiring an access mode corresponding to each batch job; and determining the actual dependency relationship among the plurality of batch jobs according to the access mode corresponding to each batch job.
According to an embodiment of the present disclosure, the determining an actual dependency relationship between the plurality of batch jobs according to the access manner corresponding to each batch job includes: and determining that the two batch jobs have actual dependency relationship when at least one of the access modes of the two batch jobs is a writing mode or a modification mode.
According to an embodiment of the present disclosure, the acquiring a preset dependency relationship between the plurality of batch jobs predefined in the job control system includes: determining a direct dependency between two batch jobs set in the job control system; determining an indirect dependency relationship between the two batch jobs set in the job control system, wherein the indirect dependency relationship indicates that other batch jobs are included between the two batch jobs; and obtaining a preset dependency relationship between the two batch jobs according to the direct dependency relationship and the indirect dependency relationship.
Another aspect of the embodiments of the present disclosure provides an apparatus for determining a dependency vulnerability in batch jobs, where the apparatus includes: the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring the actual dependency relationship among a plurality of batch jobs in the process of executing the batch jobs, and the batch jobs are jobs calling the same batch files; the second acquisition module is used for acquiring a preset dependency relationship among the batch jobs predefined in the job control system; and the first determining module is used for determining a result for representing the possibility that the preset dependency relationship in the operation control system has a vulnerability according to the actual dependency relationship and the preset dependency relationship among the batch operations.
Another aspect of the disclosed embodiments provides an electronic device, including: one or more processors; memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method as described above.
Another aspect of the embodiments of the present disclosure provides a computer-readable storage medium having stored thereon executable instructions, which when executed by a processor, cause the processor to implement the method as described above.
Another aspect of embodiments of the present disclosure provides a computer program comprising computer executable instructions for implementing the method as described above when executed.
According to the embodiment of the disclosure, the actual dependency relationship among a plurality of batch jobs in the process of executing the plurality of batch jobs is obtained, the plurality of batch jobs are jobs calling the same batch file, the preset dependency relationship among the plurality of batch jobs predefined in the job control system is obtained, and on the basis, the result for representing the possibility that the preset dependency relationship in the job control system has a vulnerability is determined according to the actual dependency relationship and the preset dependency relationship among the plurality of batch jobs. The preset dependency relationship among the batch jobs is verified according to the actual dependency relationship among the batch jobs, so that whether the dependency relationship set in the job control system has a bug or not is accurately determined, and the technical problem that whether the dependency relationship set in the job control system has the bug or not is difficult to determine in related technologies is at least partially solved. In addition, since the preset dependency relationship among the plurality of batch jobs is verified according to the actual dependency relationship among the plurality of batch jobs, the problem that it is difficult to verify the correctness of the preset dependency relationship set in the job control system in a test manner and to adjust the dependency relationship set in the job control system in a manual manner is also solved.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent from the following description of embodiments of the present disclosure with reference to the accompanying drawings, in which:
FIG. 1 schematically illustrates an exemplary system architecture to which a method for determining dependency vulnerabilities in batch jobs may be applied, according to an embodiment of the present disclosure;
FIG. 2 is a flow chart that schematically illustrates a method for determining dependency vulnerabilities in a batch job, in accordance with an embodiment of the present disclosure;
FIG. 3 is a flow chart that schematically illustrates another method for determining a dependency vulnerability in a batch job, in accordance with an embodiment of the present disclosure;
FIG. 4 is a block diagram schematically illustrating an apparatus for determining dependency vulnerabilities in batch jobs according to an embodiment of the present disclosure; and
fig. 5 schematically shows a block diagram of an electronic device adapted to implement a method for determining a dependency vulnerability in a batch job according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a convention analogous to "A, B or at least one of C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B or C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
At present, the number of batch jobs controlled by a job control system in a host batch application system is large, so that the parallel relation among the batch jobs is difficult to count. For example, in actual production, the number of batch jobs sometimes exceeds 12 ten thousand, the number of batch files used by a batch job in operation exceeds 100 ten thousand, the direct dependency set by the job control system exceeds 30 ten thousand, and the maximum number of nesting layers of the indirect dependency exceeds 200.
Dependencies between batch jobs may include direct dependencies and indirect dependencies. Illustratively, if there is a direct dependency between batch job A and batch job B, and a direct dependency between batch job B and batch job C, then there is an indirect dependency between batch job A and batch job C. An indirect dependency may be understood to include other batch jobs between two batch jobs.
Furthermore, dependencies may also be referred to as contextual relationships. Accordingly, a direct dependency relationship may be referred to as a direct antecedent-antecedent relationship, and an indirect dependency relationship may be referred to as an indirect antecedent-antecedent relationship. In addition, a direct dependency may also be referred to as an immediate dependency, and an indirect dependency may also be referred to as a non-immediate dependency. I.e. direct dependencies, direct contexts and adjacencies may represent the same meaning. Indirect dependencies, indirect contextual relationships, and non-immediate relationships may represent the same meaning.
If the host batch application needs to add or modify functionality, the set dependencies by the job control system typically also need to be adjusted accordingly. If the dependency relationship set in the job control system is missing, that is, the dependency relationship has a bug, the operation sequence between the batch jobs may be wrong, and the wrong operation sequence may cause production problems, such as wrong financial data, and further cause the loss of manpower and financial resources. In implementing the disclosed concept, the inventors found that to solve the above problems, the related art provides a way to: the developer adjusts the dependency relationship by means of memory, and verifies the correctness of the dependency relationship set by the operation control system in a test mode.
In the course of implementing the present disclosure, the inventors found that there are at least the following technical problems in the related art: developers have difficulty in performing effective control in a complex host batch application system, that is, it is difficult to find an effective means in a development environment to ensure the correctness of the dependency relationships (i.e., batch job scheduling) set by the job control system. Because the running time of the batch operation program changes due to changes of program processing data volume, host resource conditions and the like, namely, for the same data and the same batch operation program, if the host resource conditions are different, the running sequence of the batch operation program is different, the complete test of the dependency relationship set on the operation control system through the test is difficult to complete within a limited time, namely, the complete test of the dependency relationship is difficult to realize by adopting an effective test means during the test.
In order to solve the technical problems in the related art and achieve more accurate determination of whether a dependency relationship set in a job control system has a vulnerability, the inventors have found that an actual dependency relationship between a plurality of batch jobs in a process of executing a plurality of batch jobs, which are jobs calling the same batch file, can be obtained from a job library. A preset dependency relationship between a plurality of batch jobs defined in advance in the job control system may be acquired. On this basis, the preset dependency relationship among the batch jobs and the actual dependency relationship among the batch jobs can be compared to obtain a result for representing the possibility that the preset dependency relationship in the job control system has a vulnerability. The actual dependency relationship is a dependency relationship corresponding to the execution of the batch jobs, and the preset dependency relationship is a dependency relationship set by the job control system. The possibility that the preset dependency has the vulnerability means whether the preset dependency has the vulnerability. The following description will be given with reference to specific examples.
The embodiment of the disclosure provides a method and a device for determining dependency vulnerability in batch operation and electronic equipment capable of applying the method. The determining method, the determining device and the electronic equipment can be used in the aspect of vulnerability of dependency relationship in batch operation processing in the field of information security or the field of finance, and can also be used in any field except the field of information security or the field of finance. The method comprises the steps of obtaining actual dependency relationships among a plurality of batch jobs in the process of executing the plurality of batch jobs, obtaining preset dependency relationships among the plurality of batch jobs predefined in a job control system, and determining results for representing the possibility of vulnerability of the preset dependency relationships according to the actual dependency relationships and the preset dependency relationships among the plurality of batch jobs.
Fig. 1 schematically illustrates an exemplary system architecture 100 to which a method for determining dependency vulnerabilities in batch jobs may be applied, according to an embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, and does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.
As shown in fig. 1, the system architecture 100 according to this embodiment may include terminal devices 101, 102, 103, a network 104 and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired and/or wireless communication links, and so forth.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have various messaging client applications installed thereon, such as a banking application, a shopping application, a web browser application, a search application, an instant messaging tool, a mailbox client, and/or social platform software, etc. (by way of example only).
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 105 may be a server providing various services, such as a background management server (for example only) providing support for websites browsed by users using the terminal devices 101, 102, 103. The background management server may analyze and perform other processing on the received data such as the user request, and feed back a processing result (e.g., a webpage, information, or data obtained or generated according to the user request) to the terminal device.
It should be noted that the method for determining a dependency vulnerability in a batch job provided by the embodiment of the present disclosure may be generally executed by the server 105. Accordingly, the apparatus for determining a dependency vulnerability in a batch job provided by the embodiments of the present disclosure may be generally disposed in the server 105. The method for determining the dependency vulnerability in the batch jobs provided by the embodiment of the present disclosure may also be executed by a server or a server cluster that is different from the server 105 and can communicate with the terminal devices 101, 102, 103 and/or the server 105. Correspondingly, the determination device for the dependency vulnerability in the batch jobs provided by the embodiment of the present disclosure may also be disposed in a server or a server cluster that is different from the server 105 and can communicate with the terminal devices 101, 102, 103 and/or the server 105.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Fig. 2 schematically shows a flowchart of a method for determining a dependency vulnerability in a batch job according to an embodiment of the present disclosure.
As shown in fig. 2, the method includes operations S210 to S230.
In operation S210, actual dependency relationships between a plurality of batch jobs in executing the plurality of batch jobs are acquired, wherein the plurality of batch jobs are jobs that call the same batch file.
In an embodiment of the present disclosure, the actual dependency relationship may refer to a dependency relationship between two batch jobs in the process of executing the batch jobs, that is, the two batch jobs have a dependency relationship in the process of executing the batch jobs, and this dependency relationship may be referred to as an actual dependency relationship. Because the dependencies may be referred to as contextual relationships, the actual dependencies may be referred to as actual contextual relationships.
Actual dependencies between the plurality of batch jobs in executing the plurality of batch jobs may be obtained from a job library. Wherein the plurality of batch jobs are jobs that call the same batch file. That is, the batch jobs corresponding to each batch file and the access method of each batch job may be obtained from the job library, where the access method is a method in which the batch jobs access the batch files. The actual dependency relationship between the batch jobs may be determined based on the access manner of the batch jobs corresponding to each batch file.
Illustratively, there are batch job F, batch job G, batch job H, and batch job I. The job library includes a batch file 1 and a batch file 2. Batch job F, batch job G, and batch job H are jobs that call batch file 1. The batch job H and the batch job I are jobs in which the batch file 2 is called.
Batch job F and batch job G have an actual dependency relationship therebetween, i.e., batch job F and batch job G are two batch jobs having an actual dependency relationship. Batch job H and batch job I have an actual dependency relationship therebetween, i.e., batch job H and batch job I are two batch jobs having an actual dependency relationship.
In operation S220, a preset dependency relationship between a plurality of batch jobs predefined in a job control system is acquired.
In the embodiment of the present disclosure, a dependency relationship between two batch jobs is predefined in the job control system, and the dependency relationship between two batch jobs set by the job control system may be referred to as a preset dependency relationship, that is, two batch jobs have a dependency relationship in the job control system, and this dependency relationship may be referred to as a preset dependency relationship. Since the dependency relationship may be referred to as a context relationship, the preset dependency relationship may be referred to as a preset context relationship.
In an embodiment of the present disclosure, a direct dependency between two batch jobs set by a job control system may be determined, an indirect dependency between two batch jobs having the direct dependency may be determined, and a preset dependency between two batch jobs may be obtained according to the direct dependency and the indirect dependency.
Illustratively, a preset dependency relationship between batch job F and batch job G is set as in the job control system, i.e., batch job F and batch job G are two batch jobs having a preset dependency relationship.
In operation S230, a result for characterizing the possibility that the preset dependency in the job control system has a vulnerability is determined according to the actual dependency and the preset dependency among the plurality of batch jobs.
In the embodiment of the present disclosure, the possibility that the preset dependency has a vulnerability includes that the preset dependency has a vulnerability or the preset dependency does not have a vulnerability, that is, the preset dependency is normal.
And determining whether a preset dependency relationship consistent with the actual dependency relationship exists or not aiming at each actual dependency relationship. Based on the determination result, the determination result of each actual dependency relationship can be obtained, and the result that the vulnerability of the preset dependency relationship in the operation control system is possible is determined according to each determination result.
Illustratively, the actual dependency relationship between the plurality of batch jobs of the plurality of batch job execution processes is obtained, wherein the batch job F and the batch job G have the actual dependency relationship therebetween. There is an actual dependency between batch job H and batch job I. The preset dependency relationship between the batch jobs F and the batch jobs G is set in the job control system, namely the batch jobs F and the batch jobs G have the preset dependency relationship.
In the embodiment of the present disclosure, the actual dependency relationship between batch job F and batch job G is referred to as a first actual dependency relationship, and the actual dependency relationship between batch job H and batch job I is referred to as a second actual dependency relationship.
For the first actual dependency, there is a preset dependency consistent with the first actual dependency. And aiming at the second actual dependency relationship, no preset dependency relationship consistent with the second actual dependency relationship exists. And determining that a vulnerability with the preset dependency relationship exists in the operation control system, wherein the vulnerability is the lack of the preset dependency relationship which is consistent with the second actual dependency relationship.
The batch jobs may include stock batch jobs or incremental batch jobs.
According to the technical scheme of the embodiment of the disclosure, the actual dependency relationship among a plurality of batch jobs in the process of executing the batch jobs is obtained, the batch jobs are jobs calling the same batch files, the preset dependency relationship among the batch jobs predefined in the job control system is obtained, and on the basis, the result for representing the possibility that the preset dependency relationship in the job control system has a vulnerability is determined according to the actual dependency relationship and the preset dependency relationship among the batch jobs. The preset dependency relationship among the batch jobs is verified according to the actual dependency relationship among the batch jobs, so that whether the dependency relationship set in the job control system has a bug or not is accurately determined, and the technical problem that whether the dependency relationship set in the job control system has the bug or not is difficult to determine in related technologies is at least partially solved. In addition, since the preset dependency relationship among the plurality of batch jobs is verified according to the actual dependency relationship among the plurality of batch jobs, the problem that it is difficult to verify the correctness of the preset dependency relationship set in the job control system in a test manner and to adjust the dependency relationship set in the job control system in a manual manner is also solved.
Optionally, on the basis of the foregoing technical solution, determining a result for characterizing the possibility that the preset dependency in the job control system has a vulnerability according to the actual dependency and the preset dependency among the multiple batch jobs may include: and determining that the preset dependency relationship with the holes exists in the job control system under the condition that the actual dependency relationship and the preset dependency relationship among the batch jobs are inconsistent. And determining that the preset dependency relationship in the job control system is normal under the condition that the actual dependency relationship and the preset dependency relationship among the batch jobs are consistent.
In an embodiment of the present disclosure, for each actual dependency, it is determined whether there is a preset dependency that is consistent with the actual dependency. If the preset dependency consistent with the actual dependency does not exist, it can be determined that a vulnerability with the preset dependency exists in the job control system. If the actual dependency relationships are determined, and the preset dependency relationships consistent with the actual dependency relationships exist, the preset dependency relationships of the job control system can be determined to be normal.
Optionally, on the basis of the foregoing technical solution, in a case that an actual dependency relationship between a plurality of batch jobs is inconsistent with a preset dependency relationship, the method may further include: and storing the target batch operation corresponding to the preset dependency relationship with the holes in an in-doubt data table. In the embodiment of the disclosure, when it is determined that the preset dependency relationship with the leak exists in the job control system, the batch job corresponding to the preset dependency relationship with the leak may be further stored as the target batch job in the doubt data table, so as to subsequently determine whether the target batch job does not have the preset dependency relationship and is normal.
The target batch operation refers to two batch operations corresponding to a preset dependency relationship with a leak, wherein the preset dependency relationship with the leak refers to the fact that the preset dependency relationship consistent with the actual dependency relationship does not exist. The number of target batch jobs may be multiple.
Illustratively, there is an actual dependency between batch job F and batch job G. There is an actual dependency between batch job G and batch job H. There is an actual dependency between batch job H and batch job I. The preset dependency relationship between the batch jobs F and the batch jobs G is set in the job control system, namely the batch jobs F and the batch jobs G have the preset dependency relationship.
The actual dependency between batch job F and batch job G is referred to as a first actual dependency, the actual dependency between batch job H and batch job I is referred to as a second actual dependency, and the actual dependency between batch job G and batch job H is referred to as a third actual dependency.
For the first actual dependency, there is a preset dependency consistent with the first actual dependency. And aiming at the second actual dependency relationship, no preset dependency relationship consistent with the second actual dependency relationship exists. For the third actual dependency, there is no preset dependency consistent with the third actual dependency. And determining that a vulnerability with the preset dependency relationship exists in the operation control system, wherein the vulnerability is the lack of the preset dependency relationship consistent with the second actual dependency relationship and the lack of the preset dependency relationship consistent with the third actual dependency relationship.
Two batch jobs corresponding to the preset dependency relationship which is not consistent with the second actual dependency relationship are taken as target batch jobs, namely the target batch jobs are the batch job H and the batch job I, and two batch jobs corresponding to the preset dependency relationship which is not consistent with the third actual dependency relationship are taken as target batch jobs, namely the target batch jobs are the batch job G and the batch job H.
Storing the batch job H and the batch job I to an in-doubt data table, and storing the batch job G and the batch job H to the in-doubt data table.
Optionally, on the basis of the foregoing technical solution, after storing the target batch job corresponding to the preset dependency relationship with the leak in the doubt data table, the method may further include: an access time set in the job control system for each batch job in the target batch job is obtained. And determining that the preset dependency corresponding to the target batch jobs in the job control system is normal under the condition that the access time set by each batch job in the target batch jobs is different.
In embodiments of the present disclosure, in the development of a host batch application system, batch jobs of different access times are allowed to use the same batch files.
Under the condition, if the preset dependency consistent with the actual dependency does not exist, and the access time of two batch jobs in the actual dependency is different, the preset dependency with the holes, which meets the condition, in the job control system can be determined to be the normal preset dependency.
For the target batch job, the access time set in the job control system for each batch job in the target batch job may be acquired. If the access time of the two batch jobs in the target batch job is different, it can be determined that the preset dependency corresponding to the target batch job in the job control system is normal.
Illustratively, batch job H and batch job I are stored in an in-doubt data table, and batch job G and batch job H are stored in an in-doubt data table. The access time of the batch job G is the daytime time, the access time of the batch job H is the daytime time, and the access time of the batch job I is the end-of-day time.
Since the access time of the batch job G and the batch job H in the target batch job is the same, a preset dependency relationship needs to be set between the batch job G and the batch job H. Because a preset dependency relationship needs to be set between the batch job G and the batch job H, the preset dependency relationship corresponding to the batch job G and the batch job H is a preset dependency relationship with a leak.
Since the access time of the batch job H and the batch job I in the target batch job is different, the preset dependency relationship between the batch job H and the batch job I is normal.
Optionally, on the basis of the foregoing technical solution, after storing the target batch job corresponding to the preset dependency relationship with the leak in the doubt data table, the method may further include: and under the condition that the target batch jobs are invalid batch jobs, determining that the preset dependency corresponding to the target batch jobs in the job control system is normal.
In this embodiment of the present disclosure, for a certain actual dependency relationship, if the actual dependency relationship is an invalid dependency relationship, that is, if two batch jobs having the actual dependency relationship are invalid jobs, if there is no preset dependency relationship that is consistent with the actual dependency relationship, it may be stated that the preset dependency relationship is not a preset dependency relationship in which a bug exists in the operating system, and it is normal that there is no preset dependency relationship in the operating system.
Illustratively, batch job H and batch job I are stored in an in-doubt data table, and batch job G and batch job H are stored in an in-doubt data table. Wherein, the batch operation G, the batch operation H and the batch operation I are invalid batch operations.
Since the batch job G and the batch job H in the target batch job are invalid batch jobs, the preset dependency relationship between the batch job G and the batch job H is normal. Similarly, the predetermined dependency between batch job H and batch job I is normal.
Optionally, on the basis of the foregoing technical solution, after storing the target batch job corresponding to the preset dependency relationship with the leak in the doubt data table, the method may further include: and determining a batch file corresponding to the target batch job. And under the condition that the batch files corresponding to the target batch jobs are invalid batch files, determining that the preset dependency corresponding to the target batch jobs in the job control system is normal.
In this embodiment of the present disclosure, for a certain actual dependency relationship, if the batch files accessed by two batch jobs corresponding to the actual dependency relationship are invalid batch files, it may be stated that the preset dependency relationship is not a preset dependency relationship in which a vulnerability exists in the job control system, and it is normal that the preset dependency relationship does not exist in the job control system. I.e., determining the batch file corresponding to the target batch job. And under the condition that the batch files corresponding to the target batch jobs are invalid batch files, determining that the preset dependency corresponding to the target batch jobs in the job control system is normal.
Illustratively, batch job H and batch job I are stored in an in-doubt data table, and batch job G and batch job H are stored in an in-doubt data table. The batch files corresponding to the batch jobs H and I are batch files 2, and the batch files corresponding to the batch jobs G and H are batch files 1. Batch file 1 is an invalid batch file and batch file 2 is a valid batch file.
Since the batch file 1 corresponding to the batch job G and the batch job H is an invalid batch file, the preset dependency relationship between the batch job G and the batch job H is normal.
Since the batch file 2 corresponding to the batch job H and the batch job I is an effective batch file, a preset dependency relationship needs to be set between the batch job H and the batch job I. Because a preset dependency relationship needs to be set between the batch job H and the batch job I, the preset dependency relationship corresponding to the batch job H and the batch job I is a preset dependency relationship with a leak.
Optionally, on the basis of the foregoing technical solution, acquiring an actual dependency relationship between a plurality of batch jobs in a process of executing a plurality of batch jobs may include: an access method corresponding to each batch job is obtained. And determining the actual dependency relationship among the batch jobs according to the access mode corresponding to each batch job.
In the embodiment of the present disclosure, in order to obtain the actual dependency relationship between batch jobs, a batch file based manner may be adopted.
The batch jobs corresponding to each batch file and the access mode of each batch job can be obtained, and the access mode is a mode of accessing the batch files by the batch jobs. The access mode may include a read mode, a write mode, or a modify mode.
And determining the actual dependency relationship among the batch jobs according to the access mode of each batch job corresponding to each batch file, namely determining the actual dependency relationship among the batch jobs according to the access mode of each batch job corresponding to the batch file for each batch file.
Optionally, on the basis of the foregoing technical solution, determining an actual dependency relationship between a plurality of batch jobs according to an access manner corresponding to each batch job may include: and determining that the two batch jobs have actual dependency relationship when at least one of the access modes of the two batch jobs is a writing mode or a modification mode.
In the embodiment of the disclosure, if at least one of the access modes of the two batch jobs corresponding to the same batch file is the write mode or the modification mode, the two batch jobs should have an actual dependency relationship, because the batch file is changed if the access mode is the write mode or the modification mode, and therefore, if at least one of the access modes of the two batch jobs corresponding to the same batch file is the write mode or the modification mode, an error occurs in the batch file. In the above case, there should be an actual dependency between the two batch jobs.
Whether two batch jobs have actual dependency relationship can be determined according to whether at least one of the access modes of the two batch jobs corresponding to the same batch file is a writing mode or a modification mode, namely, if at least one of the access modes of the two batch jobs corresponding to the same batch file is a writing mode or a modification mode, the two batch jobs can be determined to have actual dependency relationship. If the access modes of the two batch jobs corresponding to the same batch file are both read modes, it can be determined that there is no actual dependency relationship between the two batch jobs. At least one of the access modes for two batch jobs corresponding to the same batch file is a write mode or a modification mode, and may include: the access modes of the two batch jobs are both writing modes; or the access modes of the two batch jobs are modification modes; or the mode of one batch job is a writing mode, and the access mode of the other batch job is a modification mode; or the access mode of one batch job is a reading mode, and the access mode of the other batch job is a writing mode; or the access mode of one batch job is a reading mode, and the access mode of the other batch job is a modification mode.
Illustratively, there are batch job F, batch job G, batch job H, and batch job I. The access mode of the batch job F is a writing mode, the access mode of the batch job G is a reading mode, the access mode of the batch job H is a reading mode, and the access mode of the batch job I is a modifying mode. The batch job library includes a batch file 1 and a batch file 2. Batch job F, batch job G, and batch job H are jobs that call batch file 1. The batch job H and the batch job I are jobs in which the batch file 2 is called.
For the batch file 1, the access mode of the batch job F is a write mode, and the access mode of the batch job G is a read mode, so the batch job F and the batch job G have an actual dependency relationship. Since the access mode of the batch job F is a write mode and the access mode of the batch job H is a read mode, the batch job F and the batch job H have an actual dependency relationship. Since the access method of the batch job G is a read method and the access method of the batch job H is a read method, the batch job G and the batch job H do not have an actual dependency relationship.
For the batch file 2, the access mode of the batch job H is a read mode, and the access mode of the batch job I is a modification mode, so that the batch job H and the batch job I have an actual dependency relationship.
Optionally, on the basis of the foregoing technical solution, acquiring a preset dependency relationship between a plurality of batch jobs predefined in the job control system may include: a direct dependency between two batch jobs set in a job control system is determined. An indirect dependency between two batch jobs set in a job control system is determined, wherein the indirect dependency characterizes the inclusion of other batch jobs between the two batch jobs. And obtaining a preset dependency relationship between the two batch jobs according to the direct dependency relationship and the indirect dependency relationship.
In an embodiment of the present disclosure, in order to obtain a preset dependency relationship between a plurality of batch jobs set in advance in a job control system, a direct dependency relationship between two batch jobs set by the job control system may be determined, and an indirect dependency relationship between two batch jobs set by the job control system may be determined. On the basis, the preset dependency relationship between the two batch jobs can be obtained according to the direct dependency relationship and the indirect dependency relationship.
It should be noted that the preset dependency relationship between two batch jobs is a recursive relationship. Accordingly, the problem of determining the predetermined dependency between two batch jobs is a recursive problem. When the preset dependency relationship among a plurality of batch jobs preset in the job control system is obtained, the problems of high system overhead and low efficiency caused by solving the recursion problem also need to be considered.
To solve the problem, the embodiment of the present disclosure provides a method for solving a recursion problem by using a linear algorithm. The method comprises the steps of defining a two-dimensional array JOBPRE (serial number and batch job name), reading a joblist1 sequentially, assigning a front item of batch jobs to the two-dimensional array JOBPRE, assigning a sequence number of the batch jobs in the two-dimensional array JOBPRE to an array TMPPRE1 (batch job name), reading the two-dimensional array JOBPRE sequentially, and obtaining a preset dependency relationship between a plurality of batch jobs set by a job control system, wherein the preset dependency relationship comprises a direct dependency relationship and an indirect dependency relationship.
It should be noted that, the embodiment of the present disclosure further provides an inquiry function, where the inquiry function is used to inquire whether there is a preset dependency in the job control system between two batch jobs. The query function is used for regression testing in testing, so that the operation of query and manual search through the operation control system is simplified. In addition, the query result can be displayed and stored in a corresponding file.
It should be further noted that the technical solutions provided by the embodiments of the present disclosure are applicable to all host systems, and the host systems may include a public system, a personal system, an overseas system, and the like.
Fig. 3 schematically shows a flowchart of another method for determining a dependency vulnerability in a batch job according to an embodiment of the present disclosure.
As shown in fig. 3, the method includes operations S301 to S315.
In operation S301, an access method corresponding to each batch job is acquired.
In operation S302, whether at least one of the access modes of the two batch jobs is a write mode or a modification mode; if yes, perform operation S303; if not, operation S304 is performed.
In operation S303, the two batch jobs are made to have actual dependencies.
In operation S304, the two batch jobs are not actually dependent.
In operation S305, a direct dependency between two batch jobs set in a job control system is determined.
In operation S306, an indirect dependency between two batch jobs set in the job control system is determined, wherein the indirect dependency characterizes that other batch jobs are included between the two batch jobs.
In operation S307, a preset dependency relationship between the two batch jobs is obtained according to the direct dependency relationship and the indirect dependency relationship.
In operation S308, whether actual dependencies between the plurality of batch jobs and preset dependencies are consistent; if yes, perform operation S309; if not, operation S310 is performed.
In operation S309, a preset dependency relationship with a leak exists in the job control system, and operation S311 is performed.
In operation S310, the preset dependency in the job control system is normal.
In operation S311, a target batch job corresponding to a preset dependency relationship with a leak is stored in an in-doubt data table.
In operation S312, an access time set in the job control system for each batch job in the target batch job is acquired.
In operation S313, whether the access time set for each of the target batch jobs is different; if yes, perform operation S314; if not, operation S315 is performed.
In operation S314, the preset dependency corresponding to the target batch job in the job control system is normal.
In operation S315, a predetermined dependency relationship with a leak in the job control system is determined.
In the embodiment of the disclosure, by adopting the technical scheme provided by the embodiment of the disclosure, regarding to the batch jobs of the first version, it is found that 35 bugs with preset dependency relationships exist in the job control system. For the batch operation of the second version, finding that 46 loopholes with preset dependency relationships exist in an operation control system, wherein the hit rate of the loopholes exceeds 70%;
according to the technical scheme of the embodiment of the disclosure, the actual dependency relationship among a plurality of batch jobs in the process of executing the batch jobs is obtained, the batch jobs are jobs calling the same batch files, the preset dependency relationship among the batch jobs predefined in the job control system is obtained, and on the basis, the result for representing the possibility that the preset dependency relationship in the job control system has a vulnerability is determined according to the actual dependency relationship and the preset dependency relationship among the batch jobs. The preset dependency relationship among the batch jobs is verified according to the actual dependency relationship among the batch jobs, so that whether the dependency relationship set in the job control system has a bug or not is accurately determined, and the technical problem that whether the dependency relationship set in the job control system has the bug or not is difficult to determine in related technologies is at least partially solved. In addition, since the preset dependency relationship among the plurality of batch jobs is verified according to the actual dependency relationship among the plurality of batch jobs, the problem that it is difficult to verify the correctness of the preset dependency relationship set in the job control system in a test manner and to adjust the dependency relationship set in the job control system in a manual manner is also solved.
Fig. 4 schematically shows a block diagram of an apparatus for determining a dependency vulnerability in a batch job according to an embodiment of the present disclosure.
As shown in fig. 4, the determining apparatus 400 may include a first obtaining module 410, a second obtaining module 420, and a first determining module 430.
The first acquisition module 410, the second acquisition module 420, and the first determination module 430 are communicatively coupled.
The first obtaining module 410 is configured to obtain actual dependency relationships among multiple batch jobs in a process of executing multiple batch jobs, where the multiple batch jobs are jobs that call a same batch file.
A second obtaining module 420, configured to obtain a preset dependency relationship between a plurality of batch jobs predefined in the job control system.
The first determining module 430 is configured to determine, according to an actual dependency relationship and a preset dependency relationship among multiple batch jobs, a result for representing a possibility that a preset dependency relationship in the job control system has a vulnerability.
According to the technical scheme of the embodiment of the disclosure, the actual dependency relationship among a plurality of batch jobs in the process of executing the batch jobs is obtained, the batch jobs are jobs calling the same batch files, the preset dependency relationship among the batch jobs predefined in the job control system is obtained, and on the basis, the result for representing the possibility that the preset dependency relationship in the job control system has a vulnerability is determined according to the actual dependency relationship and the preset dependency relationship among the batch jobs. The preset dependency relationship among the batch jobs is verified according to the actual dependency relationship among the batch jobs, so that whether the dependency relationship set in the job control system has a bug or not is accurately determined, and the technical problem that whether the dependency relationship set in the job control system has the bug or not is difficult to determine in related technologies is at least partially solved. In addition, since the preset dependency relationship among the plurality of batch jobs is verified according to the actual dependency relationship among the plurality of batch jobs, the problem that it is difficult to verify the correctness of the preset dependency relationship set in the job control system in a test manner and to adjust the dependency relationship set in the job control system in a manual manner is also solved.
Optionally, on the basis of the above technical solution, the first determining module 430 may include a first determining sub-module and a second determining sub-module.
And the first determining submodule is used for determining that the preset dependency relationship with the holes exists in the work control system under the condition that the actual dependency relationship and the preset dependency relationship among the batch jobs are inconsistent.
And the second determining submodule is used for determining that the preset dependency relationship in the job control system is normal under the condition that the actual dependency relationship and the preset dependency relationship among the batch jobs are consistent.
Optionally, on the basis of the foregoing technical solution, in a case that an actual dependency relationship between a plurality of batch jobs is inconsistent with a preset dependency relationship, the method may further include:
and storing the target batch operation corresponding to the preset dependency relationship with the holes in an in-doubt data table.
Optionally, on the basis of the foregoing technical solution, the determining apparatus 400 may further include a third obtaining module and a second determining module.
And the third acquisition module is used for acquiring the access time set for each batch job in the target batch jobs in the job control system.
And the second determining module is used for determining that the preset dependency corresponding to the target batch jobs in the job control system is normal under the condition that the access time set by each batch job in the target batch jobs is different.
Optionally, on the basis of the foregoing technical solution, the determining apparatus 400 may further include a third determining module.
And the third determining module is used for determining that the preset dependency corresponding to the target batch job in the job control system is normal under the condition that the target batch job is an invalid batch job.
Optionally, on the basis of the above technical solution, the determining apparatus 400 may further include a fourth determining module and a fifth determining module.
And the fourth determining module is used for determining the batch files corresponding to the target batch jobs.
And the fifth determining module is used for determining that the preset dependency relationship corresponding to the target batch job in the job control system is normal under the condition that the batch file corresponding to the target batch job is an invalid batch file.
Optionally, on the basis of the above technical solution, the first obtaining module 410 may include an obtaining sub-module and a third determining sub-module.
And the acquisition submodule is used for acquiring the access mode corresponding to each batch job.
And the third determining submodule is used for determining the actual dependency relationship among the batch jobs according to the access mode corresponding to each batch job.
Optionally, on the basis of the above technical solution, the third determining submodule may include a determining unit.
And the determining unit is used for determining that the two batch jobs have actual dependency relationship under the condition that at least one of the access modes of the two batch jobs is a writing mode or a modification mode.
Optionally, on the basis of the foregoing technical solution, the second obtaining module 420 may include a fourth determining sub-module, a fifth determining sub-module, and a generating sub-module.
A fourth determination submodule for determining a direct dependency between two batch jobs set in the job control system.
And a fifth determining submodule, configured to determine an indirect dependency relationship between two batch jobs set in the job control system, where the indirect dependency relationship indicates that other batch jobs are included between the two batch jobs.
And the generation submodule is used for obtaining a preset dependency relationship between two batch jobs according to the direct dependency relationship and the indirect dependency relationship.
Any number of modules, sub-modules, units, or at least part of the functionality of any number thereof according to embodiments of the present disclosure may be implemented in one module. Any one or more of the modules, sub-modules, units according to the embodiments of the present disclosure may be implemented by being split into a plurality of modules. Any one or more of the modules, sub-modules, units according to the embodiments of the present disclosure may be implemented at least partially as a hardware Circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented by hardware or firmware in any other reasonable manner of integrating or packaging a Circuit, or implemented by any one of three implementations of software, hardware, and firmware, or any suitable combination of any of them. Alternatively, one or more of the modules, sub-modules, units according to embodiments of the disclosure may be implemented at least partly as computer program modules, which, when executed, may perform corresponding functions.
For example, any plurality of the first obtaining module 410, the second obtaining module 420 and the first determining module 430 may be combined and implemented in one module/unit, or any one of the modules/units may be split into a plurality of modules/units/sub-units. Alternatively, at least part of the functionality of one or more of these modules/units may be combined with at least part of the functionality of other modules/units and implemented in one module/unit. According to an embodiment of the present disclosure, at least one of the first obtaining module 410, the second obtaining module 420, and the first determining module 430 may be implemented at least partially as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in hardware or firmware in any other reasonable manner of integrating or packaging a circuit, or in any one of three implementations of software, hardware, and firmware, or in any suitable combination of any of them. Alternatively, at least one of the first obtaining module 410, the second obtaining module 420 and the first determining module 430 may be at least partially implemented as a computer program module, which when executed, may perform a corresponding function.
It should be noted that, in the embodiment of the present disclosure, a portion of the determining apparatus for dependency bug in batch job corresponds to a portion of the determining method for dependency bug in batch job in the embodiment of the present disclosure, and the description of the portion of the determining apparatus for dependency bug in batch job specifically refers to the portion of the determining method for dependency bug in batch job, which is not described herein again.
Fig. 5 schematically shows a block diagram of an electronic device adapted to implement the above described method according to an embodiment of the present disclosure. The electronic device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 5, an electronic device 500 according to an embodiment of the present disclosure includes a processor 501, which can perform various appropriate actions and processes according to a program stored in a Read-Only Memory (ROM) 502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. The processor 501 may comprise, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or associated chipset, and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), among others. The processor 501 may also include onboard memory for caching purposes. Processor 501 may include a single processing unit or multiple processing units for performing different actions of a method flow according to embodiments of the disclosure.
In the RAM 503, various programs and data necessary for the operation of the electronic apparatus 500 are stored. The processor 501, the ROM502, and the RAM 503 are connected to each other by a bus 504. The processor 501 performs various operations of the method flows according to the embodiments of the present disclosure by executing programs in the ROM502 and/or the RAM 503. Note that the programs may also be stored in one or more memories other than the ROM502 and the RAM 503. The processor 501 may also perform various operations of method flows according to embodiments of the present disclosure by executing programs stored in the one or more memories.
According to an embodiment of the present disclosure, system 500 may also include an input/output (I/O) interface 505, input/output (I/O) interface 505 also being connected to bus 504. The system 500 may also include one or more of the following components connected to the I/O interface 505: an input portion 506 including a keyboard, a mouse, and the like; an output portion 507 including a Display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and a speaker; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. The driver 510 is also connected to the I/O interface 505 as necessary. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted into the storage section 508 as necessary.
According to embodiments of the present disclosure, method flows according to embodiments of the present disclosure may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable storage medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511. The computer program, when executed by the processor 501, performs the above-described functions defined in the system of the embodiments of the present disclosure. The systems, devices, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method according to an embodiment of the disclosure.
According to an embodiment of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium. Examples may include, but are not limited to: a portable Computer diskette, a hard disk, a Random Access Memory (RAM), a Read-Only Memory (ROM), an erasable Programmable Read-Only Memory (EPROM) (erasable Programmable Read-Only Memory) or flash Memory), a portable compact Disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the preceding. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
For example, according to embodiments of the present disclosure, a computer-readable storage medium may include ROM502 and/or RAM 503 and/or one or more memories other than ROM502 and RAM 503 described above.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. Those skilled in the art will appreciate that various combinations and/or combinations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
The embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described separately above, this does not mean that the measures in the embodiments cannot be used in advantageous combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be devised by those skilled in the art without departing from the scope of the present disclosure, and such alternatives and modifications are intended to be within the scope of the present disclosure.
Claims (12)
1. A method for determining dependency vulnerability in batch operation comprises the following steps:
acquiring an actual dependency relationship among a plurality of batch jobs in a process of executing the batch jobs, wherein the batch jobs are jobs calling the same batch file;
acquiring a preset dependency relationship among the batch jobs predefined in the job control system; and
and determining a result for representing the possibility of vulnerability of the preset dependency relationship in the operation control system according to the actual dependency relationship among the batch operations and the preset dependency relationship.
2. The method of claim 1, wherein the determining, according to the actual dependency relationship and the preset dependency relationship among the batch jobs, a result for characterizing the possibility that the preset dependency relationship in the job control system has a vulnerability comprises:
determining that a preset dependency relationship with a leak exists in the job control system under the condition that the actual dependency relationship among the plurality of batch jobs is inconsistent with the preset dependency relationship; and
and determining that the preset dependency relationship in the job control system is normal under the condition that the actual dependency relationship among the batch jobs is consistent with the preset dependency relationship.
3. The method of claim 2, wherein in the event of an inconsistency between the actual dependencies and the preset dependencies between the plurality of batch jobs, the method further comprises:
and storing the target batch operation corresponding to the preset dependency relationship with the holes in an in-doubt data table.
4. The method of claim 3, wherein after storing the target batch job corresponding to the preset dependency with the leak to an in-doubt data table, further comprising:
acquiring access time set for each batch job in the target batch jobs in the job control system; and
and under the condition that the access time set by each batch job in the target batch jobs is different, determining that the preset dependency corresponding to the target batch jobs in the job control system is normal.
5. The method of claim 3, wherein after storing the target batch job corresponding to the preset dependency with the leak to an in-doubt data table, further comprising:
and determining that a preset dependency corresponding to the target batch job in the job control system is normal under the condition that the target batch job is an invalid batch job.
6. The method of claim 3, wherein after storing the target batch job corresponding to the preset dependency with the leak to an in-doubt data table, further comprising:
determining batch files corresponding to the target batch jobs; and
and under the condition that the batch files corresponding to the target batch jobs are invalid batch files, determining that the preset dependency corresponding to the target batch jobs in the job control system is normal.
7. The method of any of claims 1-6, wherein the obtaining actual dependencies between the plurality of batch jobs in executing the plurality of batch jobs comprises:
acquiring an access mode corresponding to each batch job; and
and determining the actual dependency relationship among the batch jobs according to the access mode corresponding to each batch job.
8. The method of any of claims 1-6, wherein determining the actual dependencies among the plurality of batch jobs according to the access style corresponding to each batch job comprises:
and determining that the two batch jobs have actual dependency relationship when at least one of the access modes of the two batch jobs is a writing mode or a modification mode.
9. The method according to any one of claims 1 to 6, wherein the obtaining of the preset dependency relationship between the plurality of batch jobs predefined in the job control system comprises:
determining a direct dependency between two batch jobs set in the job control system;
determining an indirect dependency relationship between the two batch jobs set in the job control system, wherein the indirect dependency relationship characterizes that other batch jobs are included between the two batch jobs; and
and obtaining a preset dependency relationship between the two batch jobs according to the direct dependency relationship and the indirect dependency relationship.
10. An apparatus for determining dependency vulnerabilities in batch jobs, comprising:
the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring the actual dependency relationship among a plurality of batch jobs in the process of executing the batch jobs, and the batch jobs are jobs calling the same batch files;
the second acquisition module is used for acquiring a preset dependency relationship among the batch jobs predefined in the job control system; and
and the first determining module is used for determining a result for representing the possibility that the preset dependency relationship in the operation control system has a vulnerability according to the actual dependency relationship among the batch operations and the preset dependency relationship.
11. An electronic device, comprising:
one or more processors;
a memory for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-9.
12. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to carry out the method of any one of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010754824.3A CN111859403B (en) | 2020-07-30 | 2020-07-30 | Dependency vulnerability determination method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010754824.3A CN111859403B (en) | 2020-07-30 | 2020-07-30 | Dependency vulnerability determination method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111859403A true CN111859403A (en) | 2020-10-30 |
| CN111859403B CN111859403B (en) | 2023-09-05 |
Family
ID=72946528
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010754824.3A Active CN111859403B (en) | 2020-07-30 | 2020-07-30 | Dependency vulnerability determination method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111859403B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112596878A (en) * | 2020-12-24 | 2021-04-02 | 上海艾融软件股份有限公司 | Batch processing method and device and electronic equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190050262A1 (en) * | 2017-08-14 | 2019-02-14 | Tata Consultancy Services Limited | Automated system for optimizing batch processing time |
| CN109359949A (en) * | 2018-10-30 | 2019-02-19 | 中国建设银行股份有限公司 | Process methods of exhibiting and device |
| CN110287052A (en) * | 2019-06-25 | 2019-09-27 | 深圳前海微众银行股份有限公司 | A kind of root of abnormal task determines method and device because of task |
| CN110333932A (en) * | 2019-06-13 | 2019-10-15 | 上海金融期货信息技术有限公司 | Service orchestration and relationship managing method and system based on container cloud |
| CN110543356A (en) * | 2019-09-11 | 2019-12-06 | 深圳前海微众银行股份有限公司 | abnormal task detection method, device and equipment and computer storage medium |
| CN111310998A (en) * | 2020-02-13 | 2020-06-19 | 中国工商银行股份有限公司 | Method and device for generating critical path, electronic equipment and medium |
-
2020
- 2020-07-30 CN CN202010754824.3A patent/CN111859403B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190050262A1 (en) * | 2017-08-14 | 2019-02-14 | Tata Consultancy Services Limited | Automated system for optimizing batch processing time |
| CN109359949A (en) * | 2018-10-30 | 2019-02-19 | 中国建设银行股份有限公司 | Process methods of exhibiting and device |
| CN110333932A (en) * | 2019-06-13 | 2019-10-15 | 上海金融期货信息技术有限公司 | Service orchestration and relationship managing method and system based on container cloud |
| CN110287052A (en) * | 2019-06-25 | 2019-09-27 | 深圳前海微众银行股份有限公司 | A kind of root of abnormal task determines method and device because of task |
| CN110543356A (en) * | 2019-09-11 | 2019-12-06 | 深圳前海微众银行股份有限公司 | abnormal task detection method, device and equipment and computer storage medium |
| CN111310998A (en) * | 2020-02-13 | 2020-06-19 | 中国工商银行股份有限公司 | Method and device for generating critical path, electronic equipment and medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112596878A (en) * | 2020-12-24 | 2021-04-02 | 上海艾融软件股份有限公司 | Batch processing method and device and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111859403B (en) | 2023-09-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9325717B1 (en) | Web-store restriction of external libraries | |
| WO2017166447A1 (en) | Method and device for loading kernel module | |
| US9038185B2 (en) | Execution of multiple execution paths | |
| US9652220B2 (en) | Zero down-time deployment of new application versions | |
| US20140223414A1 (en) | Paige control for enterprise mobile applications | |
| CN111427579A (en) | Plug-in, application program implementing method and system, computer system and storage medium | |
| CN113268684A (en) | Data processing method, device, terminal equipment and storage medium | |
| CN112799940A (en) | Regression testing method, device, computer system and computer readable storage medium | |
| CN108121650B (en) | Method and device for testing page user interface | |
| CN111506904B (en) | Method and device for online bug repair | |
| CN111930629A (en) | Page testing method and device, electronic equipment and storage medium | |
| CN111859403B (en) | Dependency vulnerability determination method and device, electronic equipment and storage medium | |
| CN110717992A (en) | Method, device, computer system and readable storage medium for scheduling model | |
| CN112506781B (en) | Test monitoring method, device, electronic equipment, storage medium and program product | |
| CN114253599A (en) | Version deployment method, version deployment device, electronic device and storage medium | |
| CN114035864A (en) | Interface processing method, interface processing device, electronic device, and storage medium | |
| CN115080433A (en) | Testing method and device based on flow playback | |
| CN113535590A (en) | Program testing method and device | |
| CN114116509A (en) | Program analysis method, program analysis device, electronic device, and storage medium | |
| CN112988604A (en) | Object testing method, testing system, electronic device and readable storage medium | |
| CN113176907A (en) | Interface data calling method and device, computer system and readable storage medium | |
| CN112068814A (en) | Method, device, system and medium for generating executable file | |
| CN110704320A (en) | Control operation method and device | |
| CN112579282A (en) | Data processing method, device, system and computer readable storage medium | |
| US11144431B2 (en) | Configuration-based code construct for restriction checks in component of a web application |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |