CN114614993A - System interaction method and device, electronic equipment and storage medium - Google Patents
System interaction method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN114614993A CN114614993A CN202210283458.7A CN202210283458A CN114614993A CN 114614993 A CN114614993 A CN 114614993A CN 202210283458 A CN202210283458 A CN 202210283458A CN 114614993 A CN114614993 A CN 114614993A
- Authority
- CN
- China
- Prior art keywords
- access
- authentication
- interaction
- request
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000007474 system interaction Effects 0.000 title claims abstract description 81
- 238000000034 method Methods 0.000 title claims abstract description 45
- 230000003993 interaction Effects 0.000 claims abstract description 41
- 230000006870 function Effects 0.000 claims description 22
- 238000004590 computer program Methods 0.000 claims description 12
- 238000012795 verification Methods 0.000 claims description 10
- 230000002452 interceptive effect Effects 0.000 claims description 6
- 238000010276 construction Methods 0.000 claims description 4
- 238000004458 analytical method Methods 0.000 claims description 2
- 239000000126 substance Substances 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 abstract description 5
- 238000012423 maintenance Methods 0.000 abstract description 3
- 238000004891 communication Methods 0.000 description 11
- 238000007726 management method Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000011144 upstream manufacturing Methods 0.000 description 4
- 238000013473 artificial intelligence Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000000605 extraction Methods 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of operation and maintenance, and discloses a system interaction method, a device, electronic equipment and a storage medium, wherein the method comprises the following steps: the method comprises the steps of obtaining a service system to be interacted, dividing the service system into an access system and an authentication system, and constructing system interaction keys of the access system and the authentication system; receiving an access request sent to the authentication system by the access system, and analyzing an access token in the access request; and authenticating the access token according to the system interaction key, inquiring request data of the access request from the authentication system when the authentication of the access token is successful, and returning the request data to the access system. In addition, the invention also relates to a block chain technology, and the request data can be stored in the block chain. The invention can improve the interaction efficiency of the system.
Description
Technical Field
The present invention relates to the field of operation and maintenance technologies, and in particular, to a system interaction method and apparatus, an electronic device, and a computer-readable storage medium.
Background
With the rapid development of the internet, data access requirements of cross-system interaction exist among different systems, for example, a mall order system needs to access logistics information of an order logistics system
However, the data request of the conventional cross-system interaction is usually realized by developing a system interface, that is, the system a requests data to be accessed in the system B through the interface of the system B, but if the system a continuously sends a data acquisition requirement to the system B subsequently, the number of interfaces interfacing between the systems is increased, which results in a higher coupling degree between the systems, and thus the efficiency of the cross-system interaction is low.
Disclosure of Invention
The invention provides a system interaction method, a system interaction device, electronic equipment and a computer readable storage medium, and mainly aims to improve the efficiency of system interaction.
In order to achieve the above object, the present invention provides a system interaction method, including:
the method comprises the steps of obtaining a service system to be interacted, dividing the service system into an access system and an authentication system, and constructing system interaction keys of the access system and the authentication system;
receiving an access request sent to the authentication system by the access system, and analyzing an access token in the access request;
and authenticating the access token according to the system interaction key, inquiring request data of the access request from the authentication system when the authentication of the access token is successful, and returning the request data to the access system.
Optionally, the dividing the service system into an access system and an authentication system includes:
acquiring a system function of each system in the service system, and constructing a dependency relationship of each system in the service system according to the system function;
determining the identity interaction type of each system in the service system according to the dependency relationship;
if the identity interaction type is a data access type, dividing the system into access systems;
and if the identity interaction type is a data authentication type, dividing the system into authentication systems.
Optionally, the constructing a dependency relationship of each system in the business system according to the system function includes:
acquiring the service attribute of each system from the service system according to the system function;
and constructing a relation triple of each system in the service system and the rest systems in the service system according to the service attribute, and generating a dependency relation of each system in the service system according to the relation triple.
Optionally, the constructing a system interaction key of the access system and the authentication system includes:
performing system security verification on the access system in the authentication system;
and when the system security verification is successful, registering the system identification of the access system in the authentication system, and encrypting the registered system identification to obtain the system interaction key.
Optionally, the parsing the access token in the access request includes:
identifying an access parameter in the access request, and extracting the identity identification information in the access request according to the access parameter;
and splicing each identity in the identity information according to preset splicing characters to obtain the access token.
Optionally, the authenticating the access token according to the system interaction key includes:
decrypting the system interaction key to obtain a decryption key, and identifying whether the identity in the access token is consistent with the system identity in the decoding password;
if the identity in the access token is inconsistent with the system identity in the decoding password, the authentication of the access token fails;
and if the identity identifier in the access token is consistent with the system identifier in the decoding password, the access token is successfully authenticated.
Optionally, the querying the request data of the access request from the authentication system includes:
acquiring a request object in the access request, and converting the request object into a query statement;
and querying a background database in the authentication system for the request data of the access request by using the query statement.
In order to solve the above problem, the present invention further provides a system interaction apparatus, including:
the interactive key construction module is used for acquiring a service system to be interacted, dividing the service system into an access system and an authentication system, and constructing system interactive keys of the access system and the authentication system;
the access token analysis module is used for receiving an access request sent to the authentication system by the access system and analyzing an access token in the access request;
and the data interaction module is used for authenticating the access token according to the system interaction key, inquiring request data of the access request from the authentication system when the access token is successfully authenticated, and returning the request data to the access system.
In order to solve the above problem, the present invention also provides an electronic device, including:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to implement the system interaction method described above.
In order to solve the above problem, the present invention also provides a computer-readable storage medium, in which at least one computer program is stored, and the at least one computer program is executed by a processor in an electronic device to implement the system interaction method described above.
It can be seen that, in the embodiments of the present invention, firstly, a service system to be interacted is divided into an access system and an authentication system to identify a dependency relationship between systems in the service system, so that a system identity of each system in the service system can be determined, an identity recognition during data interaction between subsequent systems is facilitated, and a system interaction key of the access system and the authentication system is constructed, so that an identity communication token between the access system and the authentication system can be established, a direct data access between the subsequent access system and the authentication system can be realized, an interface authentication during data access between different systems is avoided, and an interaction efficiency between systems is improved, secondly, when an access request sent from the access system to the authentication system is received, an access token in the access request is analyzed, acquiring a system identifier in an access system corresponding to the access request, so as to serve as a premise that the subsequent authentication system authenticates whether the access request can be successfully accessed; further, the embodiment of the present invention authenticates the access token according to the system interaction key, and when the authentication of the access token is successful, queries the request data of the access request from the authentication system, and returns the request data to the access system, which can avoid the data interaction from the access system to the authentication system through an interface platform, thereby implementing the direct data interaction between the access system and the authentication system, and improving the system interaction efficiency between the access system and the authentication system. Therefore, the system interaction method, the device, the electronic device and the computer-readable storage medium provided by the embodiment of the invention can improve the efficiency of system interaction.
Drawings
Fig. 1 is a schematic flowchart of a system interaction method according to an embodiment of the present invention;
fig. 2 is a schematic block diagram of a system interaction apparatus according to an embodiment of the present invention;
fig. 3 is a schematic internal structural diagram of an electronic device implementing a system interaction method according to an embodiment of the present invention;
the implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The embodiment of the invention provides a system interaction method. The execution subject of the system interaction method includes, but is not limited to, at least one of electronic devices such as a server and a terminal that can be configured to execute the method provided by the embodiment of the present invention. In other words, the system interaction method may be performed by software or hardware installed in the terminal device or the server device, and the software may be a block chain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like. The server may be an independent server, or may be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), a big data and artificial intelligence platform, and the like.
Fig. 1 is a schematic flow chart of a system interaction method according to an embodiment of the present invention. In the embodiment of the invention, the system interaction method comprises the following steps:
s1, obtaining a service system to be interacted, dividing the service system into an access system and an authentication system, and constructing a system interaction key of the access system and the authentication system.
In the embodiment of the invention, the service system to be interacted is a system needing data interaction and at least comprises two independently operated service systems.
Furthermore, the embodiment of the invention divides the service system into an access system and an authentication system to identify the dependency relationship between the systems in the service system, thereby determining the system identity of each system in the service system and facilitating the identity recognition during data interaction between subsequent systems.
As an embodiment of the present invention, the dividing the service system into an access system and an authentication system includes: the method comprises the steps of obtaining system functions of each system in the service system, constructing a dependency relationship of each system in the service system according to the system functions, determining an identity interaction type of each system in the service system according to the dependency relationship, dividing the system into access systems if the identity interaction type is a data access type, and dividing the system into authentication systems if the identity interaction type is a data authentication type.
The system function is used for describing a business function of each system in the business system in the process of running online, and is determined based on different business requirements, the dependency relationship refers to an association relationship between each system in the business system, such as a parallel relationship, an upstream-downstream relationship and the like, and the identity interaction type refers to an identity type of each system in the business system when data interaction is carried out between each system and a third-party system.
Further, in an optional embodiment of the present invention, the constructing a dependency relationship of each system in the business system according to the system function includes: and according to the system function, acquiring the service attribute of each system from the service system, constructing a relation triple of each system in the service system and the rest systems in the service system according to the service attribute, and generating the dependency relation of each system in the service system according to the relation triple.
The service attribute refers to information for describing functional characteristics of each system in the service system, and the relationship triple refers to a relationship set between any two systems, such as (a system, parallel system, and b system), optionally, the relationship triple is constructed by a natural language technology, such as a real-body relationship extraction algorithm. For example, the service attribute of the system a includes query, search, and the like, and the service attribute of the system B includes return, update, and the like, then according to the query attribute of the system a and the return attribute of the system B, the entity relationship extraction algorithm may be used to construct a relationship triple of the system a and the system B (system a, dependency, system B).
Further, in an optional embodiment of the present invention, the determining, according to the dependency relationship, an identity interaction type of each system in the service system includes: if the dependency relationship is a parallel relationship, the identity interaction type of a corresponding system in the business system of the parallel relationship is marked as a data access type and a data authentication type, if the dependency relationship is an upstream relationship and a downstream relationship, the upstream system and the downstream system in the business system of the upstream and downstream relationship are determined, the identity interaction type of the upstream system is marked as a data authentication type, and the identity interaction type of the downstream system is marked as a data access type.
For example, for a mall order system, if the identity interaction type of the order query system is a data access type and the identity interaction type of the order management system is a data authentication type, the order query system may be divided into an access system and the order management system is an authentication system.
Furthermore, the embodiment of the invention establishes the identity communication token between the access system and the authentication system by constructing the system interaction key of the access system and the authentication system, so that the direct data access between the subsequent access system and the authentication system can be realized, the interface authentication during the data access between different systems is avoided, and the interaction efficiency between the systems is improved.
As an embodiment of the present invention, the constructing a system interaction key of the access system and the authentication system includes: and performing system security verification on the access system in the authentication system, registering a system identifier of the access system in the authentication system when the system security verification is successful, and encrypting the registered system identifier to obtain the system interaction key.
The system security verification refers to a process of identity security verification of the access system by the authentication system so as to screen out illegal systems existing in the access system and guarantee the security of interaction between subsequent systems, and the system identification refers to system identity information used for representing the access system, such as a system port, a domain name, an address and the like. Optionally, the system security verification is implemented by a CA server, the registration of the system identifier is implemented by a server in the authentication system, and the encryption of the system identifier is implemented by an encryption algorithm, such as an MD5 encryption algorithm, an asymmetric encryption algorithm, and the like.
S2, receiving the access request sent by the access system to the authentication system, and analyzing the access token in the access request.
In the embodiment of the present invention, the access request refers to a requirement that the access system needs to perform data access to the authentication system, such as an order information query request, a visa identity authentication request, and a policy maintenance claim settlement request.
Further, in the embodiment of the present invention, the system identifier in the access system corresponding to the access request is obtained by analyzing the access token in the access request, so as to serve as a precondition for the subsequent authentication system to authenticate whether the access request can be successfully accessed.
As an embodiment of the present invention, the parsing the access token in the access request includes: identifying access parameters in the access request, extracting identity identification information in the access request according to the access parameters, and splicing each identity identification in the identity identification information according to preset splicing characters to obtain the access token.
The access parameter refers to specific description content of the access system corresponding to the access request, such as content of an access object, an access IP, an access protocol, an access link, access time, an access signature, and the like. The identity identification information refers to identity attributes capable of representing the access system in the access request and is used for guaranteeing the identity verification of the access system by a subsequent authentication system.
Further, in an optional embodiment of the present invention, the identification of the access parameter may be implemented by searching for a query object of the access request through a query statement, the query statement may be a select statement, the identity information is extracted through a preset identity attribute table, the preset identity attribute table is an attribute data table used for storing and characterizing system identities, that is, the access parameter is matched with an identity attribute in the preset identity attribute table, and information corresponding to the successfully matched access parameter is used as the identity information, and the preset splicing character may be set as "-", or may be set according to an actual service scenario, so as to facilitate summarizing and searching of the identity information.
S3, authenticating the access token according to the system interaction key, inquiring the request data of the access request from the authentication system when the authentication of the access token is successful, and returning the request data to the access system.
According to the embodiment of the invention, the access token is authenticated according to the system interaction key, so that whether the access system corresponding to the access token has the access authority or not is identified, and the safety interaction premise of data between the subsequent access system and the authentication system is ensured.
As an embodiment of the present invention, the authenticating the access token according to the system interaction key includes: and decrypting the system interaction key to obtain a decryption key, identifying whether the identity in the access token is consistent with the system identity in the decoding password, if the identity in the access token is inconsistent with the system identity in the decoding password, the authentication of the access token fails, and if the identity in the access token is consistent with the system identity in the decoding password, the authentication of the access token succeeds. And the decryption of the system interaction key corresponds to the encryption, namely, the decryption of the system interaction key is executed by adopting a decryption algorithm corresponding to the encryption algorithm.
Further, another embodiment of the present invention further includes: and when the access token fails to be authenticated, the authentication system is utilized to send identity information error prompt information to the access system so as to remind a user that the access system needs to reconstruct a system interaction key with the authentication system or check whether an access request sent by the access system is wrong or not.
Further, it should be understood that, when the access token is successfully authenticated, it indicates that the access system does not need to request the authentication system through an interface platform, and may directly access the authentication system, so that the embodiment of the present invention queries the request data of the access request from the authentication system to improve data interaction efficiency between systems.
As an embodiment of the present invention, the querying request data of the access request from the authentication system includes: and acquiring a request object in the access request, converting the request object into a query statement, and querying a background database in the authentication system for the request data of the access request by using the query statement.
The request object refers to a data object specifically required to be accessed in the access request, if the access request is to query the order sales volume of the last year, the request object of the access request includes the order sales volume of the last year, the query statement conversion of the request object can be realized through a structured programming language, such as an SQL language, and the background database refers to a database used for storing and managing business data generated in an actual business scene in the authentication system, such as Oracle, MySQL and the like.
Further, the embodiment of the present invention returns the request data to the access system, so as to implement the closed-loop data interaction between the access system and the authentication system.
Further, to ensure privacy and reusability of the request data, the request data may also be stored in a blockchain node.
It can be seen that, in the embodiments of the present invention, firstly, a service system to be interacted is divided into an access system and an authentication system to identify a dependency relationship between systems in the service system, so that a system identity of each system in the service system can be determined, an identity recognition during data interaction between subsequent systems is facilitated, and a system interaction key of the access system and the authentication system is constructed, so that an identity communication token between the access system and the authentication system can be established, a direct data access between the subsequent access system and the authentication system can be realized, an interface authentication during data access between different systems is avoided, and an interaction efficiency between systems is improved, secondly, when an access request sent from the access system to the authentication system is received, an access token in the access request is analyzed, acquiring a system identifier in an access system corresponding to the access request, so as to serve as a premise that the subsequent authentication system authenticates whether the access request can be successfully accessed; further, the embodiment of the present invention authenticates the access token according to the system interaction key, and when the access token is successfully authenticated, queries the request data of the access request from the authentication system, and returns the request data to the access system, which can avoid the data interaction from the access system to the authentication system through an interface platform, thereby implementing the direct data interaction between the access system and the authentication system, and improving the system interaction efficiency between the access system and the authentication system. Therefore, the system interaction method provided by the embodiment of the invention can improve the efficiency of system interaction.
Fig. 2 is a functional block diagram of the system interaction device according to the present invention.
The system interaction device 100 of the present invention can be installed in an electronic device. According to the implemented functions, the system interaction device may include an interaction key construction module 101, an access token parsing module 102, and a data interaction module 103. The module of the present invention, which may also be referred to as a unit, refers to a series of computer program segments that can be executed by a processor of an electronic device and can perform a fixed function, and is stored in a memory of the electronic device.
In the present embodiment, the functions regarding the respective modules/units are as follows:
the interactive key construction module 101 is configured to acquire a service system to be interacted, divide the service system into an access system and an authentication system, and construct a system interactive key of the access system and the authentication system;
the access token analyzing module 102 is configured to receive an access request sent by the access system to the authentication system, and analyze an access token in the access request;
the data interaction module 103 is configured to authenticate the access token according to the system interaction key, and when the access token is successfully authenticated, query request data of the access request from the authentication system, and return the request data to the access system.
In detail, when the modules in the system interaction apparatus 100 according to the embodiment of the present invention are used, the same technical means as the system interaction method described in fig. 1 above are adopted, and the same technical effect can be produced, which is not described herein again.
Fig. 3 is a schematic structural diagram of an electronic device 1 for implementing the system interaction method according to the present invention.
The electronic device 1 may comprise a processor 10, a memory 11, a communication bus 12 and a communication interface 13, and may further comprise a computer program, such as a system interaction program, stored in the memory 11 and executable on the processor 10.
In some embodiments, the processor 10 may be composed of an integrated circuit, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same function or different functions, and includes one or more Central Processing Units (CPUs), a microprocessor, a digital Processing chip, a graphics processor, a combination of various control chips, and the like. The processor 10 is a Control Unit (Control Unit) of the electronic device 1, connects various components of the electronic device 1 by using various interfaces and lines, and executes various functions and processes data of the electronic device 1 by running or executing programs or modules (e.g., executing system interaction programs and the like) stored in the memory 11 and calling data stored in the memory 11.
The memory 11 includes at least one type of readable storage medium including flash memory, removable hard disks, multimedia cards, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disks, optical disks, and the like. The memory 11 may in some embodiments be an internal storage unit of the electronic device 1, such as a removable hard disk of the electronic device 1. The memory 11 may also be an external storage device of the electronic device 1 in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, provided on the electronic device 1. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 may be used not only to store application software installed in the electronic device 1 and various types of data, such as codes of a system interaction program, but also to temporarily store data that has been output or is to be output.
The communication bus 12 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.
The communication interface 13 is used for communication between the electronic device 1 and other devices, and includes a network interface and an employee interface. Optionally, the network interface may include a wired interface and/or a wireless interface (such as a WI-FI interface, a bluetooth interface, etc.), which are generally used to establish a communication connection between the electronic device 1 and another electronic device 1. The employee interface may be a Display (Display), an input unit, such as a Keyboard (Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying information processed in the electronic device 1 and for displaying a visual staff interface, among other things.
Fig. 3 only shows the electronic device 1 with components, and it will be understood by those skilled in the art that the structure shown in fig. 3 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than shown, or some components may be combined, or a different arrangement of components.
For example, although not shown, the electronic device 1 may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so as to implement functions of charge management, discharge management, power consumption management, and the like through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device 1 may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.
It is to be understood that the embodiments described are for illustrative purposes only and that the scope of the claimed invention is not limited to this configuration.
The system interaction program stored in the memory 11 of the electronic device 1 is a combination of a plurality of computer programs, which when executed in the processor 10, can implement:
the method comprises the steps of obtaining a service system to be interacted, dividing the service system into an access system and an authentication system, and constructing system interaction keys of the access system and the authentication system;
receiving an access request sent to the authentication system by the access system, and analyzing an access token in the access request;
and authenticating the access token according to the system interaction key, inquiring request data of the access request from the authentication system when the authentication of the access token is successful, and returning the request data to the access system.
Specifically, the processor 10 may refer to the description of the relevant steps in the embodiment corresponding to fig. 1 for a specific implementation method of the computer program, which is not described herein again.
Further, the integrated modules/units of the electronic device 1, if implemented in the form of software functional units and sold or used as separate products, may be stored in a non-volatile computer-readable storage medium. The computer readable storage medium may be volatile or non-volatile. For example, the computer-readable medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM).
The present invention also provides a computer-readable storage medium, storing a computer program which, when executed by a processor of an electronic device 1, may implement:
acquiring a service system to be interacted, dividing the service system into an access system and an authentication system, and constructing a system interaction key of the access system and the authentication system;
receiving an access request sent by the access system to the authentication system, and analyzing an access token in the access request;
and authenticating the access token according to the system interaction key, inquiring request data of the access request from the authentication system when the authentication of the access token is successful, and returning the request data to the access system.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.
The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
The embodiment of the invention can acquire and process related data based on an artificial intelligence technology. Among them, Artificial Intelligence (AI) is a theory, method, technique and application system that simulates, extends and expands human Intelligence using a digital computer or a machine controlled by a digital computer, senses the environment, acquires knowledge and uses the knowledge to obtain the best result.
Furthermore, it will be obvious that the term "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.
Claims (10)
1. A method of system interaction, the method comprising:
the method comprises the steps of obtaining a service system to be interacted, dividing the service system into an access system and an authentication system, and constructing system interaction keys of the access system and the authentication system;
receiving an access request sent to the authentication system by the access system, and analyzing an access token in the access request;
and authenticating the access token according to the system interaction key, inquiring request data of the access request from the authentication system when the authentication of the access token is successful, and returning the request data to the access system.
2. The system interaction method of claim 1, wherein said dividing said business system into an access system and an authentication system comprises:
acquiring the system function of each system in the service system, and constructing the dependency relationship of each system in the service system according to the system function;
determining the identity interaction type of each system in the service system according to the dependency relationship;
if the identity interaction type is a data access type, dividing the system into access systems;
and if the identity interaction type is a data authentication type, dividing the system into authentication systems.
3. The system interaction method of claim 2, wherein said building a dependency relationship for each system in the business system according to the system functions comprises:
acquiring the service attribute of each system from the service system according to the system function;
and constructing a relation triple of each system in the service system and the rest systems in the service system according to the service attribute, and generating a dependency relation of each system in the service system according to the relation triple.
4. The system interaction method of claim 1, wherein said constructing a system interaction key for the access system and the authentication system comprises:
performing system security verification on the access system in the authentication system;
and when the system security verification is successful, registering the system identification of the access system in the authentication system, and encrypting the registered system identification to obtain the system interaction key.
5. The system interaction method of claim 1, wherein said resolving the access token in the access request comprises:
identifying an access parameter in the access request, and extracting the identity identification information in the access request according to the access parameter;
and splicing each identity in the identity information according to preset splicing characters to obtain the access token.
6. The system interaction method of claim 1, wherein the authenticating the access token according to the system interaction key comprises:
decrypting the system interaction key to obtain a decryption key, and identifying whether the identity in the access token is consistent with the system identity in the decoding password;
if the identity in the access token is inconsistent with the system identity in the decoding password, the authentication of the access token fails;
and if the identity identifier in the access token is consistent with the system identifier in the decoding password, the access token is successfully authenticated.
7. The system interaction method of any one of claims 1 to 6, wherein the querying the request data of the access request from the authentication system comprises:
acquiring a request object in the access request, and converting the request object into a query statement;
and querying a background database in the authentication system for the request data of the access request by using the query statement.
8. A system interaction apparatus, the apparatus comprising:
the interactive key construction module is used for acquiring a service system to be interacted, dividing the service system into an access system and an authentication system, and constructing system interactive keys of the access system and the authentication system;
the access token analysis module is used for receiving an access request sent to the authentication system by the access system and analyzing an access token in the access request;
and the data interaction module is used for authenticating the access token according to the system interaction key, inquiring request data of the access request from the authentication system when the access token is successfully authenticated, and returning the request data to the access system.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the system interaction method of any one of claims 1 to 7.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, carries out the system interaction method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210283458.7A CN114614993B (en) | 2022-03-22 | 2022-03-22 | System interaction method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210283458.7A CN114614993B (en) | 2022-03-22 | 2022-03-22 | System interaction method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114614993A true CN114614993A (en) | 2022-06-10 |
| CN114614993B CN114614993B (en) | 2024-02-06 |
Family
ID=81864630
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210283458.7A Active CN114614993B (en) | 2022-03-22 | 2022-03-22 | System interaction method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114614993B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009130370A1 (en) * | 2008-04-25 | 2009-10-29 | Nokia Corporation | Methods, apparatuses, and computer program products for providing a single service sign-on |
| US20150254441A1 (en) * | 2014-03-04 | 2015-09-10 | Adobe Systems Incorporated | Authentication for Online Content using an Access Token |
| CN112039909A (en) * | 2020-09-03 | 2020-12-04 | 平安科技(深圳)有限公司 | Authentication method, device, equipment and storage medium based on unified gateway |
| CN112188493A (en) * | 2020-10-22 | 2021-01-05 | 深圳云之家网络有限公司 | Authentication method, system and related equipment |
| US20210008457A1 (en) * | 2019-07-12 | 2021-01-14 | Microsoft Technology Licensing, Llc | Data transport of encryption key used to secure communication between computing devices |
| CN113691378A (en) * | 2021-08-24 | 2021-11-23 | 平安国际智慧城市科技股份有限公司 | Oauth2 single sign-on method and device based on gateway, electronic equipment and storage medium |
-
2022
- 2022-03-22 CN CN202210283458.7A patent/CN114614993B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009130370A1 (en) * | 2008-04-25 | 2009-10-29 | Nokia Corporation | Methods, apparatuses, and computer program products for providing a single service sign-on |
| US20150254441A1 (en) * | 2014-03-04 | 2015-09-10 | Adobe Systems Incorporated | Authentication for Online Content using an Access Token |
| US20210008457A1 (en) * | 2019-07-12 | 2021-01-14 | Microsoft Technology Licensing, Llc | Data transport of encryption key used to secure communication between computing devices |
| CN112039909A (en) * | 2020-09-03 | 2020-12-04 | 平安科技(深圳)有限公司 | Authentication method, device, equipment and storage medium based on unified gateway |
| CN112188493A (en) * | 2020-10-22 | 2021-01-05 | 深圳云之家网络有限公司 | Authentication method, system and related equipment |
| CN113691378A (en) * | 2021-08-24 | 2021-11-23 | 平安国际智慧城市科技股份有限公司 | Oauth2 single sign-on method and device based on gateway, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114614993B (en) | 2024-02-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110602052B (en) | Micro-service processing method and server | |
| CN113055380B (en) | Message processing method and device, electronic equipment and medium | |
| CN112287329A (en) | Service instance checking method and device, electronic equipment and storage medium | |
| CN115270193B (en) | Data file secure sharing method and device based on block chain and collaborative synchronization | |
| CN115222410A (en) | Block chain based transaction uplink method and device, electronic equipment and storage medium | |
| CN113382017B (en) | Permission control method and device based on white list, electronic equipment and storage medium | |
| CN114519084A (en) | Block chain-based medical data inspection method, device, equipment and medium | |
| CN114491646A (en) | Data desensitization method and device, electronic equipment and storage medium | |
| CN114553532A (en) | Data secure transmission method and device, electronic equipment and storage medium | |
| CN113486316A (en) | User identity authentication method and device, electronic equipment and readable storage medium | |
| CN113435910A (en) | Sales-under-sale signing method and device, electronic equipment and storage medium | |
| CN114157634B (en) | Unique account identification method, device, equipment and storage medium | |
| CN115102770A (en) | Resource access method, device and equipment based on user permission and storage medium | |
| CN114614993B (en) | System interaction method and device, electronic equipment and storage medium | |
| CN115001768A (en) | Data interaction method, device and equipment based on block chain and storage medium | |
| CN114547696A (en) | File desensitization method and device, electronic equipment and storage medium | |
| CN112667244A (en) | Data verification method and device, electronic equipment and computer readable storage medium | |
| CN112686759A (en) | Account checking monitoring method, device, equipment and medium | |
| CN111651509A (en) | Data importing method and device based on Hbase database, electronic device and medium | |
| CN114723400B (en) | Service authorization management method, device, equipment and storage medium | |
| CN113626533B (en) | Ultraviolet power detection method and device and electronic equipment | |
| CN114564483A (en) | Data structure-based data checking method and device, electronic equipment and medium | |
| CN115225360A (en) | Resource distribution method, device, equipment and storage medium based on authority configuration | |
| CN114006877A (en) | Message transmission method and device, electronic equipment and storage medium | |
| CN114741681A (en) | Identity activation method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |