CN115396477A - Remote office platform based on cloud collaboration - Google Patents
Remote office platform based on cloud collaboration Download PDFInfo
- Publication number
- CN115396477A CN115396477A CN202211330587.3A CN202211330587A CN115396477A CN 115396477 A CN115396477 A CN 115396477A CN 202211330587 A CN202211330587 A CN 202211330587A CN 115396477 A CN115396477 A CN 115396477A
- Authority
- CN
- China
- Prior art keywords
- encryption
- communication
- determining
- transmission
- cooperative
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a remote office platform based on cloud cooperation, which comprises: the building module is used for building a whole member communication network of a target enterprise; the determining module is used for determining a cooperative work transmission path and an access range of each step in the whole communication network based on the cooperative task; the encryption module is used for carrying out encryption transmission on the work result of the corresponding step based on the cooperative work transmission path and the access range of each step until the cooperative work transmission path is traversed, and obtaining a cooperative execution result; the method is used for obtaining the transmission paths of the work results executed in the cooperative task among different communication ends, and greatly improves the safety of data in the cooperative task in the transmission process.
Description
Technical Field
The invention relates to the technical field of data transmission, in particular to a remote office platform based on cloud cooperation.
Background
At present, a remote office platform with cloud collaboration can overcome distance limitation, achieve remote collaborative document editing and office task execution of multiple communication ends, and improve team cooperation efficiency and office efficiency.
However, the existing cloud-based collaborative remote office platform combines the communication function of group chat to realize editing or executing authority of a collaborative task or a collaborative document, which results in that the document in the task executing process can be randomly accessed by all the working personnel participating in the collaborative task, and the confidentiality and information security of the task or the edited document during transmission of the working personnel in different departments are poor, so that not only the access authority of the task cannot be hierarchically managed according to the confidentiality requirement of the task, but also the information security guarantee mode in the transmission process is single, which results in poor security of data in the collaborative task during transmission.
Therefore, the invention provides a remote office platform based on cloud cooperation.
Disclosure of Invention
The invention provides a remote office platform based on cloud cooperation, which is used for determining a cooperative work transmission path based on a member communication network of a target enterprise and a cooperative task to be executed, obtaining transmission paths of the executed work result in the cooperative task among different communication ends, and carrying out encryption transmission on the work result of each step in different modes based on the cooperative work transmission path and the access range of each step of the cooperative transmission task, thereby greatly improving the safety of data in the cooperative task in the transmission process.
The invention provides a remote office platform based on cloud collaboration, which comprises:
the building module is used for building a whole member communication network of a target enterprise;
the determining module is used for determining a cooperative work transmission path and an access range of each step in the whole communication network based on the cooperative task;
and the encryption module is used for encrypting and transmitting the work result of the corresponding step based on the cooperative work transmission path and the access range of each step until the cooperative work transmission path is traversed, and obtaining a cooperative execution result.
Preferably, the building module comprises:
the system comprises an acquisition unit, a communication unit and a communication management unit, wherein the acquisition unit is used for acquiring the management levels and the communication IDs of all working personnel in a target enterprise, classifying the communication IDs of all working personnel based on the management levels and acquiring ID sets of different management levels;
the determining unit is used for determining the transmission communication relation among different ID sets based on the sequence of the management levels from high to low;
and the building unit is used for building a whole member communication network based on all the ID sets and the transmission communication relation.
Preferably, the determining module includes:
the path connecting unit is used for connecting all corresponding execution nodes in the member communication network based on the step sequence of executing the subtasks to obtain a cooperative work transmission path by taking the communication ID of the executive in the member communication network of each step in the cooperative task as the execution node of the corresponding step;
and the range determining unit is used for determining the access range of each step based on the security requirement of the cooperative task.
Preferably, the encryption module includes:
a mode determination unit, configured to determine an encryption mode of a corresponding step based on the cooperative work transmission path and the access range of each step;
and the encryption transmission unit is used for carrying out encryption transmission on the work result of the corresponding step based on the encryption mode until the cooperative work transmission path is traversed, and obtaining a cooperative execution result.
Preferably, the mode determining unit includes:
a first determining subunit configured to determine a transmission ID and a reception ID of each step based on the cooperative transmission path, and determine a first encryption level of the corresponding step based on the transmission ID and the reception ID;
a second determining subunit, configured to determine, based on the access range, a second encryption level of the corresponding step;
and the mode determining subunit is used for taking the encryption mode searched out in the encryption mode list based on the corresponding first encryption level and second encryption level as the encryption transmission mode of the corresponding step.
Preferably, the method for determining the transmission ID and the reception ID of each step by the first determining subunit based on the cooperative transmission path includes:
and taking the communication ID of the subtask executing each step determined based on the cooperative work transmission path as the sending ID of the corresponding step, and taking the communication ID of the subtask executing the next adjacent step as the receiving ID of the corresponding step.
Preferably, the first determining subunit includes:
the determining end is used for determining a sending ID and a receiving ID of each step based on the cooperative work transmission path, determining a transmission level factor of the corresponding step based on a first management level of the sending ID, a second management level of the receiving ID and a transmission cross-layer total number determined based on the first management level and the second management level, determining a first security level of a communication environment of the sending ID and a second security level of a communication environment of the receiving ID, taking the first security level as an abscissa value, the second security level as an ordinate value and the transmission level factor as an ordinate value, and determining a transmission characterization vector of the corresponding step in a preset three-dimensional coordinate system;
and the evaluation terminal is used for determining the first encryption level of the corresponding step based on the transmission characterization vector.
Preferably, the evaluation terminal comprises:
determining a corresponding three-dimensional scaling array based on the scaling factor of each component of the transmission characterization vector;
when the cooperative task is a first cooperative task, searching a first encryption grade of the corresponding step in an encryption grade table according to an evaluation value calculated based on a three-dimensional scaling array of the transmission characterization vector;
and when the cooperative task is not the first cooperative task, calculating an evaluation value based on the three-dimensional scaling array of the transmission characterization vector, screening out a step consistent with the scaling multiple of the corresponding component from the historical cooperative task, and determining a first encryption level of the corresponding step based on the evaluation value and the encryption levels of all steps corresponding to each component.
Preferably, the second determining subunit includes:
the second encryption level of the corresponding step is determined based on a ratio of the total number of accessible communication IDs contained in the access range and the total number of all communication IDs.
Preferably, the cloud collaboration-based remote office platform further includes:
the backup module is used for backing up the work result of each step in the cooperative task in a cloud database;
the configuration module is used for determining an accessible time period of the communication ID based on the access range of all the steps, generating an encryption access channel from the accessible communication ID to the cloud database in the accessible time period of the corresponding range based on the IP address of the communication ID and the IP address of the cloud database and combining the encryption grades of the corresponding steps, sequencing the encryption access channels of the communication ID in all the corresponding accessible time periods according to time sequence to generate a dynamic access channel of the communication ID, and pre-configuring the dynamic access channel to the corresponding communication ID.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a schematic diagram of a remote office platform based on cloud collaboration in an embodiment of the present invention;
FIG. 2 is a building module in an embodiment of the invention;
FIG. 3 is a determination module in an embodiment of the invention;
FIG. 4 is an encryption module in an embodiment of the invention;
FIG. 5 is a mode determination unit in an embodiment of the present invention;
FIG. 6 is a first determining subunit in an embodiment of the present invention;
fig. 7 is a schematic diagram of a second remote office platform based on cloud collaboration in an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
Example 1:
the invention provides a remote office platform based on cloud collaboration, which comprises the following components in reference to fig. 1:
the building module is used for building a whole member communication network of a target enterprise;
the determining module is used for determining a cooperative work transmission path and an access range of each step in the whole communication network based on the cooperative task;
and the encryption module is used for carrying out encryption transmission on the work result of the corresponding step based on the cooperative work transmission path and the access range of each step until the cooperative work transmission path is traversed, and obtaining a cooperative execution result.
In this embodiment, the target enterprise is an enterprise that uses a cloud-based collaborative remote office platform.
In this embodiment, the corporate network node contains the communication IDs of all workers within the target enterprise and represents the network structure of the management hierarchy for all workers,
in this embodiment, the collaborative task is a cloud-end collaborative task that needs to be remotely executed by a worker of the target enterprise, such as document editing.
In this embodiment, the cooperative work transmission path is a transmission path through which the work product determined in the process of executing the cooperative task in the member communication network is transmitted between the communication IDs of the staff participating in the cooperative task.
In this embodiment, the access scope includes all communication IDs in the member communication network that can access the work product obtained after the corresponding step in the cooperative task is executed, that is, the access scope is a set formed by all communication IDs that the work product obtained at the corresponding step is allowed to be accessed.
In this embodiment, the cooperative execution result is based on the cooperative work transmission path and the access range of each step, and the work result of each step in the cooperative task is respectively subjected to encryption transmission in different encryption manners until the work result obtained by traversing the cooperative work transmission path is completed.
In this embodiment, the work product may be a data file in different file forms.
The beneficial effects of the above technology are: the method comprises the steps of determining a cooperative work transmission path based on a whole member communication network of a target enterprise and a cooperative task to be executed, obtaining a transmission path of a work result executed in the cooperative task between different communication ends, and carrying out encryption transmission on the work result of each step in different modes based on the access range of the cooperative work transmission path and each step of the cooperative transmission task, so that the safety of data in the cooperative task in the transmission process is greatly improved.
Example 2:
on the basis of example 1, a module is built, with reference to fig. 2, comprising:
the acquisition unit is used for acquiring the management levels and the communication IDs of all the workers in the target enterprise, classifying the communication IDs of all the workers based on the management levels and acquiring ID sets of different management levels;
the determining unit is used for determining the transmission communication relation among different ID sets based on the sequence of the management levels from high to low;
and the building unit is used for building a whole member communication network based on all the ID sets and the transmission communication relation.
In this embodiment, the management hierarchy is the number of management position hierarchies set between the highest manager of the target enterprise and the corresponding staff.
In this embodiment, the communication ID is a login ID of the worker in the remote office platform based on cloud collaboration.
In this embodiment, the ID set is a set including communication IDs of all the workers in the same management level.
In this embodiment, based on the order of the management hierarchy from high to low, the transmission communication relationship between different ID sets is determined, that is:
and sequentially connecting the ID sets of all the management levels from high to low of the management levels (namely, the management levels are connected with the management levels at the second level, the management levels at the second level are connected with the management levels at the third level, and the like).
In this embodiment, a member communication network is built based on all ID sets and transmission communication relationships, that is:
the method comprises the steps of taking an ID set with a management level as a first level as a circle center, sequentially arranging corresponding ID sets from inside to outside according to the management levels from high to low (namely, the sequence of the first level, the second level, the third level and … …) to form a network structure with the management levels sequentially increasing from inside to outside, distributing the ID sets with the same level around the circle center in a ring shape, connecting communication IDs in the ID sets between different management levels based on a transmission communication relation, determining internal communication connection among different communication IDs in the same management level, and further building a whole member communication network.
The beneficial effects of the above technology are: and arranging the communication IDs of all the workers in the target enterprise based on the management level, and further constructing a network structure which covers all the workers and enables the management level to represent the communication relation among all the workers more clearly.
Example 3:
on the basis of embodiment 1, the determining module, with reference to fig. 3, comprises:
the path connecting unit is used for connecting all corresponding execution nodes in the member communication network based on the step sequence of executing the subtasks to obtain a cooperative work transmission path by taking the communication ID of the executive in the member communication network of each step in the cooperative task as the execution node of the corresponding step;
and the range determining unit is used for determining the access range of each step based on the confidentiality requirement of the cooperative task.
In this embodiment, the execution subtask is a subtask executed by different staff members included in the cooperative task.
In this embodiment, each execution subtask is a step in the cooperative task.
In this embodiment, the step sequence is the sequence of executing the subtasks.
In this embodiment, the security requirement is a requirement input by the worker and including a limitation on the scope of access of the work product of different steps in the collaborative task, such as: the work product executed by the department A can only be accessed by the staff with the first level of the management hierarchy.
In this embodiment, the access scope is an authorized scope within which the work result obtained in each step determined based on the privacy request of the collaborative task can be accessed, for example: the work result executed by the department a can only be accessed by the staff members whose management level is the first level, and the access range of the steps of the work result executed by the department a is the communication ID of all the staff members whose management level is the first level.
The beneficial effects of the above technology are: and determining a cooperative work transmission path based on the execution sequence of the subtasks in the cooperative task, and determining the access range of each step based on the confidentiality requirement, thereby providing a basis for the subsequent hierarchical management of the access authority.
Example 4:
on the basis of embodiment 1, the encryption module, with reference to fig. 4, includes:
a mode determination unit, configured to determine an encryption mode of a corresponding step based on the cooperative work transmission path and the access range of each step;
and the encryption transmission unit is used for carrying out encryption transmission on the work result of the corresponding step based on the encryption mode until the cooperative work transmission path is traversed, and obtaining a cooperative execution result.
In this embodiment, the encryption manner is an encryption manner for determining a work result obtained by executing the corresponding step based on the cooperative work transmission path and the access range of each step; for example: AES encryption algorithm, triple DES encryption algorithm, RSA encryption algorithm, blowfish encryption algorithm, twofish encryption algorithm.
The beneficial effects of the above technology are: the method and the device realize that different encryption transmission modes are adopted in each transmission process in the cooperative task, overcome the defect of the single transmission mode of the traditional remote office platform, and increase the data transmission safety of the remote office platform.
Example 5:
on the basis of embodiment 4, the mode determining unit, referring to fig. 5, includes:
a first determining subunit configured to determine a transmission ID and a reception ID of each step based on the cooperative transmission path, and determine a first encryption level of the corresponding step based on the transmission ID and the reception ID;
a second determining subunit, configured to determine, based on the access range, a second encryption level of the corresponding step;
and the mode determining subunit is used for taking the encryption mode searched out in the encryption mode list based on the corresponding first encryption level and second encryption level as the encryption transmission mode of the corresponding step.
In this embodiment, the transmission ID is a communication ID of a worker who performs a subtask of the corresponding step.
In this embodiment, the received ID is the communication ID of the worker who performs the subtask of the next step next to the next step.
In this embodiment, the first encryption level and the second encryption level are encryption levels representing the encryption complexity of the corresponding step, which are determined based on the transmission ID and the reception ID of the corresponding step and the access range, respectively, and a higher encryption level represents a higher encryption complexity.
In this embodiment, the encryption mode list is a list including encryption modes corresponding to different first encryption levels and different second encryption levels.
The beneficial effects of the above technology are: the method and the device realize that the encryption level representing the encryption complexity degree of the corresponding step is determined based on the ID sending and receiving of the corresponding step and the access range, and then the corresponding encryption transmission mode is determined based on the encryption level, so that the corresponding encryption transmission mode is selected based on the communication ID and the access range at two ends of data transmission of each step, the defect of the single transmission mode of the traditional teleworking platform is overcome, and the data transmission safety of the teleworking platform is improved.
Example 6:
on the basis of embodiment 5, a method for a first determining subunit to determine a transmission ID and a reception ID of each step based on a cooperative transmission path includes:
and taking the communication ID of the subtask executing each step determined based on the cooperative work transmission path as the sending ID of the corresponding step, and taking the communication ID of the subtask executing the next adjacent step as the receiving ID of the corresponding step.
The beneficial effects of the above technology are: and determining the sending ID and the receiving ID of each step in the cooperative task based on the cooperative work transmission path, and providing a basis for subsequently determining the encryption mode of the corresponding step.
Example 7:
on the basis of embodiment 5, the first determining subunit, referring to fig. 6, includes:
the determining end is used for determining a sending ID and a receiving ID of each step based on a cooperative work transmission path, determining a transmission layer factor of the corresponding step based on a first management layer of the sending ID and a second management layer of the receiving ID and a transmission cross-layer total number determined based on the first management layer and the second management layer, determining a first safety level of a communication environment of the sending ID and a second safety level of the communication environment of the receiving ID, taking the first safety level as an abscissa value, the second safety level as an ordinate value and the transmission layer factor as an ordinate value, and determining a transmission characterization vector of the corresponding step in a preset three-dimensional coordinate system;
and the evaluation terminal is used for determining the first encryption level of the corresponding step based on the transmission characterization vector.
In this embodiment, the first management level is a management level of a worker corresponding to the transmission ID.
In this embodiment, the second management level is a management level of the staff corresponding to the receiving ID.
In this embodiment, the total number of transmission layers is the absolute value of the difference between the first management level and the second management level.
In this embodiment, determining a sending ID and a receiving ID of each step based on a cooperative transmission path, and determining a transmission level factor of the corresponding step based on a first management level of the sending ID and a second management level of the receiving ID and a total number of transmission cross-layers determined based on the first management level and the second management level, includes:
and taking the ratio of the maximum management level number of the first management level to the maximum management level number of the target enterprise, the ratio of the maximum management level number of the second management level to the maximum management level number of the target enterprise, and the average value of the ratios of the total number of transmission cross layers to the maximum management level number of the target enterprise as the transmission level factors of the corresponding steps.
In this embodiment, determining the first security level of the communication environment that sends the ID and the second security level of the communication environment that receives the ID is:
checking the communication environment for sending the ID and the communication environment for receiving the ID based on a potential safety hazard list (potential safety hazard factors possibly contained in a preset communication environment, such as existence of an illegal wireless access point, lack of network access control in a local area network, existence of authentication defects in the wireless access point and the like), and determining all first potential safety hazard factors in the communication environment for sending the ID and all second potential safety hazard factors in the communication environment for receiving the ID;
searching a security level list (namely a list containing corresponding relations between different hidden danger factors and security levels) based on all the first hidden danger factors, and determining a first security level of the communication environment for sending the ID;
and searching the safety level list based on all the second hidden trouble factors, and determining the second safety level of the communication environment receiving the ID.
In this embodiment, the first security level is a communication security level of the communication environment that transmits the ID.
In this embodiment, the second communication security level is the communication security level of the communication environment that receives the ID.
In this embodiment, the transmission characterization vector is a vector that characterizes the communication transmission characteristics of the corresponding step, and is determined by taking the first security level corresponding to the corresponding step as an abscissa value, the second security level corresponding to the corresponding step as an ordinate value, and the transmission level factor corresponding to the corresponding step as an ordinate value.
The beneficial effects of the above technology are: the method comprises the steps of determining transmission level factors characterizing transmission level characteristics of corresponding steps based on the management levels of the sending ID and the receiving ID of each step in the cooperative task, and obtaining vectors characterizing the communication transmission characteristics of the corresponding steps by combining the security levels of the communication environment based on the sending ID and the receiving ID of the corresponding steps.
Example 8:
on the basis of example 7, the evaluation terminal comprises:
determining a corresponding three-dimensional scaling array based on the scaling factor of each component of the transmission characterization vector;
when the cooperative task is a first cooperative task, searching a first encryption grade of the corresponding step in an encryption grade table according to an evaluation value calculated based on a three-dimensional scaling array of the transmission characterization vector;
and when the cooperative task is not the first cooperative task, calculating an evaluation value based on the three-dimensional scaling array of the transmission characterization vector, screening out a step consistent with the scaling multiple of the corresponding component from the historical cooperative task, and determining a first encryption level of the corresponding step based on the evaluation value and the encryption levels of all steps corresponding to each component.
In this embodiment, the corresponding three-dimensional scaling array is determined based on the scaling factor of each component of the transmission characterization vector, that is:
for example, the transmission characterization vector isThen, thenComponent scaling factor of,The scaling factor of the component being,The scaling factor of the component beingThe three-dimensional scaling array is then,,]。
In this embodiment, retrieving the first encryption level of the corresponding step from the encryption level table according to the evaluation value calculated based on the three-dimensional scaling array of the transmission characterization vector includes:
and calculating an evaluation value based on the three-dimensional scaling array of the transmission characterization vector:
will be provided withThe ratio of the scaling factor of the component to the maximum security level (i.e. the maximum security level of the preset communication environment), and,The ratio of the scaling factor of the component to the maximum security level and the average of the transmission level factors are used as the evaluation value.
The corresponding encryption level is retrieved from the encryption level table as a first encryption level based on the evaluation value.
In this embodiment, the encryption level table is an encryption level table including encryption levels corresponding to different evaluation value ranges, and the higher the evaluation value is, the higher the encryption level is, and vice versa.
In this embodiment, the historical collaboration task is a collaboration task that the remote office platform based on cloud collaboration has executed in the target enterprise.
In this embodiment, determining the first encryption level of the corresponding step based on the evaluation value and the encryption levels of all the steps corresponding to each component includes:
calculating a standard encryption level based on the evaluation value and the encryption levels of all the steps corresponding to each component:
and taking the average value of the ratio of the encryption level to the maximum encryption level of all the steps corresponding to the corresponding component and the average value of the evaluation value as the standard encryption level.
And taking the encryption level obtained by rounding up the standard encryption level as the first encryption level of the corresponding step.
The beneficial effects of the above technology are: the method and the device realize that the first encryption grade of the corresponding step is searched in the encryption grade table based on the evaluation value calculated based on the scaling factor of each component in the transmission characterization vector in the process of determining the encryption transmission mode of the first-time cooperative task, and also realize that the first encryption grade of the corresponding step is determined based on the evaluation value calculated based on the scaling factor of each component in the transmission characterization vector and the scaling factor of each component of the transmission characterization vector of each step in the historical cooperative task in the process of determining the encryption transmission mode which is not the first-time cooperative task.
Example 9:
on the basis of embodiment 5, a second determining subunit includes:
the second encryption level of the corresponding step is determined based on a ratio of the total number of accessible communication IDs contained in the access range and the total number of all communication IDs.
In this embodiment, the second encryption level of the corresponding step is determined based on a ratio of the total number of accessible communication IDs included in the access range to the total number of all communication IDs, that is:
taking the difference between 1 and the ratio of the total number of accessible communication IDs and the total number of all communication IDs contained in the access range as a second evaluation value of the corresponding step, and retrieving a second encryption level of the corresponding step from the encryption level table based on the second evaluation value, so that the smaller the total number of accessible communication IDs contained in the access range, the higher the determined second encryption level of the corresponding step.
The beneficial effects of the above technology are: the encryption level of the corresponding step is determined based on the access range, so that the encryption level corresponding to the step with the smaller access range is higher.
Example 10:
on the basis of embodiment 5, the cloud collaboration-based remote office platform, with reference to fig. 7, further includes:
the backup module is used for backing up the work result of each step in the cooperative task in a cloud database;
the configuration module is used for determining an accessible time period of the communication ID based on the access range of all the steps, generating an encryption access channel from the accessible communication ID to the cloud database in the accessible time period of the corresponding range based on the IP address of the communication ID and the IP address of the cloud database and combining the encryption grades of the corresponding steps, sequencing the encryption access channels of the communication ID in all the corresponding accessible time periods according to time sequence to generate a dynamic access channel of the communication ID, and pre-configuring the dynamic access channel to the corresponding communication ID.
In this embodiment, the cloud database is a database for storing backup data of all data generated in the execution process of the cooperative task.
In this embodiment, the access range includes a communication ID set that can access the work product of the corresponding step, and each access range corresponds to one accessible time period, that is, the access time of the work product of different steps is also limited, so that the accessible time periods of the communication IDs in the corresponding access range can be determined according to the access ranges of all the steps, and when the communication IDs are in multiple access ranges (that is, the work products generated in multiple steps can be accessed), the accessible time periods of all the access ranges where the communication IDs are located are sorted according to a time sequence, that is, all the accessible time periods of the communication IDs can be obtained.
In this embodiment, based on the IP address of the communication ID and the IP address of the cloud database, and in combination with the encryption levels of the corresponding steps, an encryption access channel from the accessible communication ID to the cloud database in the accessible time period in the corresponding range is generated, that is:
based on the IP address of the communication ID, the IP address of the cloud database, and the storage location of the work result of the corresponding step, a common communication transmission channel (i.e., a communication link that is not encrypted) from the communication ID to the storage location of the work result of the corresponding step in the cloud database is generated, and then based on the encryption level of the corresponding step (i.e., an average value of the first encryption level and the second encryption level of the corresponding step), the common communication transmission channel of the corresponding step is encrypted (for example, by using an ECB (electronic codebook), a CBC (cipher block chaining) encryption algorithm, a CFB (cipher feedback) encryption algorithm, an OFB (OutputFeedback) encryption algorithm, a CTR (Counter mode) encryption algorithm, and based on a correspondence between preset encryption algorithms and encryption levels, the corresponding encryption algorithm is determined to perform encryption on the common communication channel, and an accessible encryption time period of the corresponding communication channel within a range from the communication ID to the cloud database is obtained.
In this embodiment, the dynamic access channel is an encrypted access channel that changes with the accessible time period and corresponds to the communication ID, obtained by sequencing the encrypted access channels of the communication ID in all the corresponding accessible time periods according to the time sequence.
In this embodiment, the dynamic access channel is preconfigured to the corresponding communication ID, so that the corresponding communication ID can access the work result of the corresponding step in the cloud database through the corresponding encryption access channel in the corresponding accessible time period.
The beneficial effects of the above technology are: the backup of the work results is realized, and the differential management of the access rights of the task results based on the confidentiality requirements of the tasks is also realized.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (10)
1. A teleworking platform based on high in clouds is collaborative, characterized in that includes:
the building module is used for building a whole member communication network of a target enterprise;
the determining module is used for determining a cooperative work transmission path and an access range of each step in the whole communication network based on the cooperative task;
and the encryption module is used for carrying out encryption transmission on the work result of the corresponding step based on the cooperative work transmission path and the access range of each step until the cooperative work transmission path is traversed, and obtaining a cooperative execution result.
2. The cloud collaboration-based tele-office platform of claim 1, wherein the building module comprises:
the system comprises an acquisition unit, a communication unit and a communication management unit, wherein the acquisition unit is used for acquiring the management levels and the communication IDs of all working personnel in a target enterprise, classifying the communication IDs of all working personnel based on the management levels and acquiring ID sets of different management levels;
the determining unit is used for determining the transmission communication relation among different ID sets based on the sequence of the management levels from high to low;
and the building unit is used for building a whole member communication network based on all the ID sets and the transmission communication relation.
3. A cloud collaboration-based tele-office platform as claimed in claim 1, wherein the determining module comprises:
the path connecting unit is used for connecting all corresponding execution nodes in the member communication network based on the step sequence of executing the subtasks to obtain a cooperative work transmission path by taking the communication ID of the executive in the member communication network of each step in the cooperative task as the execution node of the corresponding step;
and the range determining unit is used for determining the access range of each step based on the confidentiality requirement of the cooperative task.
4. The cloud collaboration-based tele-office platform of claim 1, wherein the encryption module comprises:
a mode determination unit, configured to determine an encryption mode of a corresponding step based on the cooperative work transmission path and the access range of each step;
and the encryption transmission unit is used for carrying out encryption transmission on the work result of the corresponding step based on the encryption mode until the cooperative work transmission path is traversed, and obtaining a cooperative execution result.
5. The cloud collaboration-based tele-office platform of claim 4, wherein the means for determining comprises:
a first determining subunit configured to determine a transmission ID and a reception ID of each step based on the cooperative transmission path, and determine a first encryption level of the corresponding step based on the transmission ID and the reception ID;
a second determining subunit, configured to determine, based on the access range, a second encryption level of the corresponding step;
and the mode determining subunit is used for taking the encryption mode searched out in the encryption mode list based on the corresponding first encryption level and the second encryption level as the encryption transmission mode of the corresponding step.
6. The cloud collaboration-based tele-office platform of claim 5, wherein the first determining subunit determines the send ID and the receive ID for each step based on a collaborative work transmission path, comprising:
and taking the communication ID of the subtask executing each step determined based on the cooperative work transmission path as the sending ID of the corresponding step, and taking the communication ID of the subtask executing the next adjacent step as the receiving ID of the corresponding step.
7. The cloud collaboration-based tele-office platform of claim 5, wherein the first determining subunit comprises:
the determining end is used for determining a sending ID and a receiving ID of each step based on the cooperative work transmission path, determining a transmission level factor of the corresponding step based on a first management level of the sending ID, a second management level of the receiving ID and a transmission cross-layer total number determined based on the first management level and the second management level, determining a first security level of a communication environment of the sending ID and a second security level of a communication environment of the receiving ID, taking the first security level as an abscissa value, the second security level as an ordinate value and the transmission level factor as an ordinate value, and determining a transmission characterization vector of the corresponding step in a preset three-dimensional coordinate system;
and the evaluation terminal is used for determining the first encryption level of the corresponding step based on the transmission characterization vector.
8. The cloud collaboration-based tele-office platform of claim 7, wherein the evaluation end comprises:
determining a corresponding three-dimensional scaling array based on the scaling factor of each component of the transmission characterization vector;
when the cooperative task is a first cooperative task, searching a first encryption grade of the corresponding step in an encryption grade table according to an evaluation value calculated based on a three-dimensional scaling array of the transmission characterization vector;
and when the cooperative task is not the first cooperative task, calculating an evaluation value based on the three-dimensional scaling array of the transmission characterization vector, screening out a step consistent with the scaling multiple of the corresponding component from the historical cooperative task, and determining a first encryption level of the corresponding step based on the evaluation value and the encryption levels of all steps corresponding to each component.
9. The cloud collaboration-based tele-office platform of claim 5, wherein the second determining subunit comprises:
the second encryption level of the corresponding step is determined based on a ratio of the total number of accessible communication IDs contained in the access range and the total number of all communication IDs.
10. A cloud collaboration-based tele-office platform as claimed in claim 5, further comprising:
the backup module is used for backing up the work result of each step in the cooperative task in a cloud database;
the configuration module is used for determining an accessible time period of the communication ID based on the access ranges of all the steps, generating an encryption access channel from the accessible communication ID to the cloud database in the accessible time period of the corresponding range based on the IP address of the communication ID and the IP address of the cloud database and combining the encryption grades of the corresponding steps, sequencing the encryption access channels of the communication ID in all the corresponding accessible time periods according to time sequence to generate a dynamic access channel of the communication ID, and pre-configuring the dynamic access channel to the corresponding communication ID.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211330587.3A CN115396477B (en) | 2022-10-28 | 2022-10-28 | Remote office platform based on cloud collaboration |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211330587.3A CN115396477B (en) | 2022-10-28 | 2022-10-28 | Remote office platform based on cloud collaboration |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115396477A true CN115396477A (en) | 2022-11-25 |
CN115396477B CN115396477B (en) | 2023-01-24 |
Family
ID=84114996
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211330587.3A Active CN115396477B (en) | 2022-10-28 | 2022-10-28 | Remote office platform based on cloud collaboration |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115396477B (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040199768A1 (en) * | 2003-04-04 | 2004-10-07 | Nail Robert A. | System and method for enabling enterprise application security |
US20120284516A1 (en) * | 2006-08-24 | 2012-11-08 | Privacydatasystems, Inc. | Cross-domain collaborative systems and methods |
CN104881736A (en) * | 2015-05-15 | 2015-09-02 | 西安电子科技大学 | Multi-Agent worksteam access control method based on improved role |
CA2990389A1 (en) * | 2017-10-04 | 2019-04-04 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
CN110428112A (en) * | 2019-08-09 | 2019-11-08 | 烟台东方纵横科技股份有限公司 | A kind of dual prevention mechanism management system of enterprise based under internet+mode |
CN111294361A (en) * | 2020-03-16 | 2020-06-16 | 广州天辰信息科技有限公司 | Workflow data encryption method and system |
CN113271345A (en) * | 2021-04-30 | 2021-08-17 | 中国科学院信息工程研究所 | Method for collaboratively maintaining reliable data evidence based on alliance block chain manufacturing industry department |
US11240278B1 (en) * | 2018-01-17 | 2022-02-01 | Sure Market, LLC | Distributed messaging communication system integrated with a cross-entity collaboration platform |
-
2022
- 2022-10-28 CN CN202211330587.3A patent/CN115396477B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040199768A1 (en) * | 2003-04-04 | 2004-10-07 | Nail Robert A. | System and method for enabling enterprise application security |
US20120284516A1 (en) * | 2006-08-24 | 2012-11-08 | Privacydatasystems, Inc. | Cross-domain collaborative systems and methods |
CN104881736A (en) * | 2015-05-15 | 2015-09-02 | 西安电子科技大学 | Multi-Agent worksteam access control method based on improved role |
CA2990389A1 (en) * | 2017-10-04 | 2019-04-04 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
US11240278B1 (en) * | 2018-01-17 | 2022-02-01 | Sure Market, LLC | Distributed messaging communication system integrated with a cross-entity collaboration platform |
CN110428112A (en) * | 2019-08-09 | 2019-11-08 | 烟台东方纵横科技股份有限公司 | A kind of dual prevention mechanism management system of enterprise based under internet+mode |
CN111294361A (en) * | 2020-03-16 | 2020-06-16 | 广州天辰信息科技有限公司 | Workflow data encryption method and system |
CN113271345A (en) * | 2021-04-30 | 2021-08-17 | 中国科学院信息工程研究所 | Method for collaboratively maintaining reliable data evidence based on alliance block chain manufacturing industry department |
Non-Patent Citations (1)
Title |
---|
李曼 等: "协同办公系统在某军工企业的设计与应用", 《现代信息科技》 * |
Also Published As
Publication number | Publication date |
---|---|
CN115396477B (en) | 2023-01-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2020200073B2 (en) | Method and apparatus for multi-tenancy secrets management | |
US10021143B2 (en) | Method and apparatus for multi-tenancy secrets management in multiple data security jurisdiction zones | |
CN111598186A (en) | Decision model training method, prediction method and device based on longitudinal federal learning | |
CN109729168A (en) | A kind of data share exchange system and method based on block chain | |
CN108280367A (en) | Management method, device, computing device and the storage medium of data manipulation permission | |
CN109510840A (en) | Sharing method, device, computer equipment and the storage medium of unstructured data | |
WO2022241961A1 (en) | Method for detecting spatial data change in territorial spatial planning, application system, and cloud platform | |
CN105357201A (en) | Access control method and system for object cloud storage | |
CN113536376B (en) | Enterprise financial data security management system and method thereof | |
CN110059055B (en) | File storage and reading method and device based on distributed private cloud | |
US20190297491A1 (en) | Network device selective synchronization | |
JP6723480B2 (en) | How to operate a power grid | |
CN101977184A (en) | Multi-identity selection landing device and service system | |
CN107886006A (en) | Data manipulation method, device and electronic equipment | |
CN107395587A (en) | A kind of data managing method and system based on multipoint cooperative mechanism | |
CN115396477B (en) | Remote office platform based on cloud collaboration | |
US11196810B2 (en) | System and method for dynamically generating a site survey | |
CN116708502A (en) | Block chain-based power system measurement data secure sharing method | |
Ince et al. | Planning and Architectural Design of Modern Command Control Communications and Information Systems: Military and Civilian Applications | |
CN109922473A (en) | A kind of authorization and authentication method, certificate server and system | |
CN114936224A (en) | Rail inspection data service system based on Hadoop | |
CN106131224A (en) | A kind of data transmission system | |
CN113965426B (en) | Access method, device and equipment of Internet of things equipment and computer readable storage medium | |
Sifou et al. | Applying OM-AM reference to an ABAC model for securing cloud-enabled Internet of Things | |
CN113239367B (en) | Identification data encryption access method in nuclear power networking collaborative computing environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |