CN116170164A - Method, device, electronic equipment and storage medium for requesting scheduling - Google Patents

Method, device, electronic equipment and storage medium for requesting scheduling Download PDF

Info

Publication number
CN116170164A
CN116170164A CN202111408140.9A CN202111408140A CN116170164A CN 116170164 A CN116170164 A CN 116170164A CN 202111408140 A CN202111408140 A CN 202111408140A CN 116170164 A CN116170164 A CN 116170164A
Authority
CN
China
Prior art keywords
authentication parameter
user access
access request
authentication
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111408140.9A
Other languages
Chinese (zh)
Inventor
兰晓琴
李逸骏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guizhou Baishancloud Technology Co Ltd
Original Assignee
Guizhou Baishancloud Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guizhou Baishancloud Technology Co Ltd filed Critical Guizhou Baishancloud Technology Co Ltd
Priority to CN202111408140.9A priority Critical patent/CN116170164A/en
Priority to PCT/CN2022/133778 priority patent/WO2023093772A1/en
Publication of CN116170164A publication Critical patent/CN116170164A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a method, a device, electronic equipment and a storage medium for requesting scheduling, wherein the method for requesting scheduling comprises the following steps: sending a first user access request to a jump server; the first user access request comprises a first authentication parameter, and the first authentication parameter is used for authenticating the first user access request sent by the client by the jump server; receiving a first response message sent by a jump server; the first response message comprises a second authentication parameter and a jump URL, wherein the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL; transmitting a second user access request containing a second authentication parameter to the edge node; and receiving a second response message sent by the edge node. Based on the secondary authentication mode, the invention can better solve the problem of hotlinking, greatly reduce the risk of exposing the user configuration assets, improve the user data security and protect the user privacy.

Description

Method, device, electronic equipment and storage medium for requesting scheduling
Technical Field
The invention relates to the technical field of request scheduling, in particular to a method, a device, electronic equipment and a storage medium for request scheduling.
Background
Hotlinking refers to the fact that the service provider a does not provide service content, and the service provider B is provided to users on its own website by technical means to fool the browsing and click-through rates. The profitable service provider a provides no or little resources and the service provider B receives no revenue. The hotlinking problem not only affects the service provider providing the service content, but also seriously threatens the security and privacy of the user data, resulting in poor user experience. The traditional anti-theft chain technology, such as UA anti-theft chain, reference anti-theft chain, token anti-theft chain, etc., is easy to crack at present because the implementation principle of the prior art is relatively simple, and the aim of the anti-theft chain is difficult to achieve fundamentally. Therefore, how to better solve the hotlinking problem becomes the technical problem to be solved by the person skilled in the art and the focus of constant research.
Disclosure of Invention
In order to solve the problem that the existing anti-theft chain scheme is easy to crack, one or more embodiments of the present invention may provide a method, an apparatus, an electronic device, and a storage medium for scheduling requests, so as to better solve the problem of theft chain existing in the prior art, improve the security of user access requests, and improve user experience.
To achieve the above technical object, the present invention provides a method for requesting scheduling, which is applied to a client, and the method may include, but is not limited to, one or more of the following steps.
Sending a first user access request to a jump server; the first user access request comprises a first authentication parameter, and the first authentication parameter is used for authenticating the first user access request sent by the client by the jump server.
Receiving a first response message sent by a jump server; the first response message comprises a second authentication parameter and a jump URL, wherein the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL.
And sending a second user access request containing the second authentication parameter to the edge node.
And receiving a second response message sent by the edge node, wherein the second response message comprises resources requested by a second user access request.
Further, the first authentication parameter is located in request header information or in a request URL of the first user access request. The second authentication parameter is located in response header information of the first response message or in the jump URL.
To achieve the above technical object, the present invention may further provide a method for requesting scheduling, which is applied to a jump server, and the method may include, but is not limited to, one or more of the following steps.
A first user access request issued by a client is received, the first user access request including a first authentication parameter.
And authenticating the first user access request according to the first authentication parameter.
And after the authentication is successful, a first response message is sent to the client, wherein the first response message comprises a second authentication parameter and a jump URL, and the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL.
Further, the sending the first response message to the client after the authentication is successful includes:
and if the authentication of the first authentication parameter is successful, encrypting the second authentication parameter through an encryption algorithm.
And sending a first response message containing the encrypted second authentication parameters to the client.
Further, encrypting the second authentication parameter by an encryption algorithm includes:
and combining at least one of the agreed additional parameters, the time stamp, the UA, the IP black-and-white list and the cookie, referer into a character string through a preset sequence, and encrypting the character string by utilizing an encryption algorithm to obtain an encrypted second authentication parameter.
Wherein the agreed additional parameters include request header information of the first user access request.
Further, the sending the first response message to the client after the authentication is successful includes:
and if the authentication of the first authentication parameter is successful, encrypting the jump URL through an encryption algorithm.
And sending a first response message containing the encrypted jump URL to the client.
Further, before the authentication is successful and the first response message is sent to the client, the method further comprises:
and determining the jump URL according to at least one of the first authentication parameter, the client position information, the server service quality information, the server ranking information, the server cache state information and the cost information.
Further, the jump URL includes at least one of identification information, domain name information, and IP address of the edge node.
Further, the first authentication parameter is located in request header information or in a request URL of the first user access request. The second authentication parameter is located in response header information of the first response message or in the jump URL.
To achieve the above technical object, the present invention also provides a method for requesting scheduling, which is applied to an edge node and includes, but is not limited to, one or more of the following steps, which are described in detail below.
Receiving a second user access request sent by a client; the second user access request includes a second authentication parameter; the edge node and the second authentication parameter are determined from a first response message received by the client from the jump server.
And authenticating the second user access request according to the second authentication parameter.
And after the authentication is successful, sending a second response message to the client, wherein the second response message comprises resources requested by a second user to access.
Further, the first response message includes a second authentication parameter and a jump URL.
Further, the jump URL includes at least one of identification information, domain name information, and IP address of the edge node.
Further, the second authentication parameter is located in response header information of the first response message or in the jump URL.
To achieve the above technical objective, the present invention may also provide an apparatus for scheduling requests, which is applied to a client, and the apparatus includes, but is not limited to, at least one of a first request sending module, a first message receiving module, a second request sending module, and a second message receiving module.
The first request sending module is used for sending a first user access request to the jump server; the first user access request comprises a first authentication parameter, and the first authentication parameter is used for authenticating the first user access request sent by the client by the jump server.
The first message receiving module is used for receiving a first response message sent by the jump server; the first response message includes a second authentication parameter and a jump URL, where the second authentication parameter is used by the edge node to authenticate a second user access request sent by the client.
And the second request sending module is used for sending a second user access request containing the second authentication parameter to the edge node corresponding to the jump URL.
And the second message receiving module is used for receiving a second response message sent by the edge node, wherein the second response message comprises resources requested by a second user access request.
To achieve the above object, the present invention further provides an apparatus for scheduling requests, which is applied to a jump server, and the apparatus may include, but is not limited to, at least one of a first request receiving module, a first request authenticating module, and a first message sending module
The first request receiving module is used for receiving a first user access request sent by the client, wherein the first user access request comprises a first authentication parameter;
the first request authentication module is used for authenticating the first user access request according to the first authentication parameter;
The first message sending module is used for sending a first response message to the client after authentication is successful, wherein the first response message comprises a second authentication parameter and a jump URL, and the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL.
To achieve the above technical objective, the present invention may further provide an apparatus for requesting scheduling, which is applied to an edge node, and the apparatus may include, but is not limited to, one or more of a second request receiving module, a second request authenticating module, and a second message sending module.
The second request receiving module is used for receiving a second user access request sent by the client; the second user access request includes a second authentication parameter; the edge node and the second authentication parameter are determined from a first response message received by the client from the jump server.
And the second request authentication module is used for authenticating the second user access request according to the second authentication parameter.
And the second message sending module is used for sending a second response message to the client after the authentication is successful, wherein the second response message comprises resources of a second user access request.
To achieve the above object, the present invention also provides an electronic device including a memory and a processor, where the memory stores computer readable instructions that, when executed by the processor, cause the processor to perform the steps of the method for scheduling requests in any of the embodiments of the present invention.
To achieve the above technical object, the present invention may further provide a storage medium storing computer readable instructions that, when executed by one or more processors, cause the one or more processors to perform the steps of the method for requesting scheduling in any of the embodiments of the present invention.
To achieve the above object, the present invention also provides a computer program product comprising a computer program which, when executed by one or more processors, implements the steps of the method for processing a request according to any of the embodiments of the present invention.
The beneficial effects of the invention are as follows: based on the secondary authentication mode, the invention can better solve the hotlinking problem existing in the prior art, greatly reduce the exposure risk of user configuration assets, improve the safety of user data, protect the privacy of users, and have better user experience and higher satisfaction. The invention can issue configuration information to the small particle edge node, wherein the configuration information comprises the anti-theft chain information, and authentication judgment is carried out on the small particle edge node so as to achieve the technical purposes of anti-theft chain and the like. The invention carries out one authentication on the jump server, successfully receives the edge node position responded by the jump server and the second authentication parameter according to the one authentication, and then carries out one authentication on the second authentication parameter on the corresponding edge node, thereby realizing two authentications, greatly avoiding the possibility of service hotlinking and protecting the benefits of users and websites. The invention can better adapt to the scene that the distributed sinking server is used as the content server, and the URL dual authentication can be realized on the content server without user configuration, and the invention does not need the user to manually operate at the client, thereby effectively reinforcing the anti-theft chain scheme and timely finding and processing the anti-theft chain behavior; in addition, by adopting a domain name encryption or parameter encryption mode, the invention can carry out omnibearing protection on user assets such as domain name information, configuration information and the like.
Drawings
FIG. 1 illustrates a flow diagram of a request scheduling method for a client in one or more embodiments of the invention.
FIG. 2 illustrates a flow diagram of a request scheduling method for a jump server in one or more embodiments of the invention.
Fig. 3 is a flow diagram illustrating a request scheduling method for an edge node in one or more embodiments of the invention.
Fig. 4 shows a flow diagram of a dual authentication scheduling scheme in one or more embodiments of the invention.
Fig. 5 is a schematic diagram showing the internal structural composition of an electronic device in one or more embodiments of the invention.
Detailed Description
The method, the device, the electronic equipment and the storage medium for requesting scheduling provided by the invention are explained and illustrated in detail below with reference to the attached drawings.
As shown in fig. 1 and in conjunction with fig. 4, an embodiment of the present invention can provide a method for scheduling a request, which is applied to a client, and the method for scheduling a request includes, but is not limited to, steps S10 to S13, which are specifically described below.
Step S10, a first user access request is sent to a jump server; the first user access request comprises a first authentication parameter, and the first authentication parameter is used for authenticating the first user access request sent by the client by the jump server. The first authentication parameter in this embodiment is located in the request header information of the first user access request or in the request URL (Uniform Resource Locator ), and the request URL related to the present invention refers to the URL in the first user access request; the first authentication parameters include, but are not limited to, time stamp, UA, IP black-and-white list, cookie, referer, etc. the first authentication parameters include a time stamp, UA, IP black-and-white list, and the like.
Illustratively, the first user access request is described as:
GET/1.zip HTTP/1.1
Host:www.test.com
User-Agent:curl/7.77.0
Accept:*/*
A:1444435200
the request header A carries content with a first authentication parameter being timestamp information, 1.Zip represents the requested content, and the request method is GET.
The first user request may be, for example, an http or https request, although not limited thereto.
According to the invention, the first authentication parameter is set in the request header information or the request URL, so that the exposure risk of the first authentication parameter can be effectively reduced, the security of one-time authentication process is improved, the security of the user access request is improved, and the user satisfaction is improved.
As shown in fig. 4, the client in the embodiment of the present invention sends a DNS request for performing domain name resolution to the DNS server, and receives the IP address of the jump server determined by the DNS server through domain name resolution. As shown in step 100, the client of the present invention issues a request to the DNS server for obtaining an IP address, for example www.test.com; then, in step 200, the dns server resolves the request and then responds to an IP address, e.g., 2.2.2.2; step 300, after receiving an IP address fed back by a DNS server, a client sends a first user access request to a jump server corresponding to the IP address, where 1.zip represents the content of the request, for example, http:// www.test.com/1.zip_key1=xxx? Representing the spacer, auth_key1=xxx represents the first authentication parameter. It is understood that the first authentication parameters include, but are not limited to, time stamp, UA, IP black-and-white list, cookie, referer, etc., but are not limited to.
Step S11, receiving a first response message sent by a jump server; the first response message includes a second authentication parameter and a jump URL, where the second authentication parameter is used by the edge node to authenticate the second user access request sent by the client. The second authentication parameter in the embodiment of the present invention is located in the response header information of the first response message or in a jump URL, where the jump URL refers to a URL in the first response message, and the jump URL is used for the client to access the corresponding edge node, and the second authentication parameter includes, but is not limited to, a time stamp, UA, an IP black-and-white list, cookie, referer, and other anti-hotlink parameters, which is of course not limited thereto. By setting the second authentication parameter in the response header information or the jump URL, the invention can improve the security of the second authentication parameter and greatly enhance the difficulty of being cracked; in addition, the invention realizes constructing the URL carrying the authentication rule in the jump server by setting the second authentication parameter in the jump URL, and the client can realize the secondary authentication logic without modification, thereby further improving the security of the user access request.
When the method is implemented, the jump server authenticates the first user access request, and if the authentication fails, the first user access request is directly refused. In the embodiment of the invention, if the jump server successfully authenticates the first authentication parameter, the jump server responds to the second authentication parameter and the jump URL (Location, namely the position of the edge node); in this embodiment, the client receives a first response message sent by the jump server and including the second authentication parameter encrypted by the encryption algorithm. Encrypting the second authentication parameter by the encryption algorithm may include: combining at least one of the agreed additional parameters, a time stamp, UA, an IP black-and-white list and cookie, referer into a character string through a preset sequence, and encrypting the character string by utilizing an encryption algorithm to obtain an encrypted second authentication parameter; wherein the agreed additional parameters comprise random numbers or parameters agreed in advance; including but not limited to md5 encryption algorithm, base64 encryption algorithm, and the like.
As shown in fig. 4, step 301, an authentication is performed on a first user access request sent by a client, if the authentication fails, the authentication is directly rejected, and step 302 is performed after the authentication is successful; in step 302, the jump server generates a second authentication parameter, e.g. auth_ke2=timestamp-rand-uid-md 5hash, where timestamp represents a timestamp, rand represents a random number, uid represents an additional parameter, md5hash may represent a key value generated according to the md5 encryption algorithm, e.g. auth_ke2= 1444435200-0-0-80cd3862d699b7118eed99103f2a3a4f. Step 303, in the embodiment of the present invention, the edge nodes IP and auth_key2 may be encrypted (e.g. by using a base64 encryption method) and then assembled to the original URL, where the assembled content may be, for example, http:// 1.1.1.1/1.zigbee=zzz, and the content includes both the location of the edge node and the second authentication parameter; step 400, the content is responded to the client, e.g. http:// 1.1.1/1.Zip? bakey = zzz response to client.
Step S12, a second user access request containing the second authentication parameter is sent to the edge node corresponding to the jump URL. Authenticating the second user access request through the edge node, if the authentication of the edge node is successful, executing the step S13, and if the authentication of the edge node is failed, directly rejecting the second user access request; cases of authentication failure in embodiments of the present invention may include, but are not limited to, parameters being altered, parameters being lost, valid access periods being exceeded, etc. The second user request in the embodiment of the present invention may be, for example, an http or https request, but is not limited thereto. Referring to fig. 4, the present invention includes a step 500 of sending a second user access request, for example, http:// 1.1.1/1.zigbee=zz, to an edge node corresponding to IP 1.1.1.1, where the request includes both the request IP and the request content, and the second authentication parameter after encryption and combination processing. Authenticating the second user access request by the edge node: if the authentication fails, the method is directly rejected, and if the authentication is successful, the step S13 is executed. Before authentication, the edge node decrypts the second user access request through a built-in decryption module, wherein the decryption mode corresponds to an encryption mode, and the decryption modes include, but are not limited to, an md5 decryption mode for the second authentication parameter, a base64 decryption mode for the jump URL and the like.
Step S13, a second response message sent by the edge node is received, where the second response message includes the resource requested by the second user access request, i.e. step 600, and the content corresponding to the second user access request is responded. In the embodiment of the present invention, if the edge node 1.1.1.1 caches the content requested by the second user access request, the cached content is responded to the client, but if there is no response content, the response content may be obtained by the back source mode, that is, the source station is used as the content server, and the content obtained by the back source is sent to the client, and the content obtained by the back source is cached on the current edge node.
The invention can obviously improve the security of the content request of the client, better solve the problem of hotlinking which is easy to occur in the conventional technology, protect the user configuration assets, improve the security of the user data, and improve the user satisfaction and the use experience.
As shown in fig. 2, and in conjunction with fig. 4, an embodiment of the present invention may further provide a method for scheduling requests, which is applied to a jump server, and the method for scheduling requests may include, but is not limited to, steps S20 to S22, which are specifically described below.
Step S20, receiving a first user access request sent by a client, wherein the first user access request comprises a first authentication parameter; the first authentication parameter is located in the request header information or in the request URL of the first user access request. As shown in fig. 4, the first user access request received by the jump server in the embodiment of the present invention may be, for example, http:// www.test.com/1.zip_key1=xxx, where 1.zip may represent the content of the request? The spacer may be represented and auth_key1=xxx may represent the first authentication parameter. It is understood that the first authentication parameter is, for example, a time stamp, a UA, an IP black-and-white list, cookie, referer, and the like, which is not limited thereto. According to the invention, the first authentication parameter is set in the request header information or the request URL, so that the exposure risk of the first authentication parameter can be effectively reduced, the security of one-time authentication process is improved, the security of the user access request is improved, and the user satisfaction is improved.
Step S21, authenticating the first user access request according to the first authentication parameter. Such as, but not limited to, authenticating the time stamp, UA, IP black and white list, cookie, referer, etc. The jump server authenticates the first user access request, and if the authentication fails, the first user access request is directly refused.
Step S22, after authentication is successful, a first response message is sent to the client, wherein the first response message comprises a second authentication parameter and a jump URL, the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL, and the embodiment of the invention adopts a 302 redirection mode to enable the client to respond to the jump URL, and can also adopt other redirection modes, so that the invention is not limited. The second authentication parameter in this embodiment is located in the response header information of the first response message or in the jump URL. In the embodiment of the invention, if the jump server successfully authenticates the first authentication parameter, the second authentication parameter and the jump URL (Location, i.e. the position of the edge node) are responded to the client. By setting the second authentication parameter in the response header information or the jump URL, the invention can improve the security of the second authentication parameter and greatly enhance the difficulty of being cracked; in addition, the invention realizes constructing the URL carrying the authentication rule in the jump server by setting the second authentication parameter in the jump URL, and the client can realize the secondary authentication logic without modification, thereby further improving the security of the user access request.
Optionally, sending the first response message to the client after authentication success in the embodiment of the present invention includes: if the authentication of the first authentication parameter is successful, encrypting the second authentication parameter through an encryption algorithm; a first response message containing the encrypted second authentication parameter is sent to the client. Specifically, the encrypting the second authentication parameter through the encryption algorithm in the embodiment of the invention comprises the following steps: combining at least one of the agreed additional parameters, a time stamp, UA, an IP black-and-white list and cookie, referer into a character string through a preset sequence, and encrypting the character string by utilizing an encryption algorithm to obtain an encrypted second authentication parameter; wherein the agreed additional parameters comprise random numbers or parameters agreed in advance; including but not limited to md5 encryption algorithm, base64 encryption algorithm, and the like. The invention improves the cracking difficulty of the second authentication parameter by encrypting the second authentication parameter, further avoids the hotlinking behavior, and even if the client intercepts the encrypted second authentication parameter, the specific content contained in the second authentication parameter is very difficult to obtain, thus the invention has the advantage of extremely high safety. In addition, the method combines the selected parameters based on the preset sequence to form the character string, so that the complexity and the cracking difficulty of the encryption process are further improved, and the security of the second authentication parameter is improved.
Optionally, sending the first response message to the client after authentication success in the embodiment of the present invention includes: if the authentication of the first authentication parameter is successful, encrypting the jump URL through an encryption algorithm; sending a first response message containing the encrypted second authentication parameters to the client; the encryption algorithm includes, but is not limited to, a base64 encryption algorithm, etc., and in conjunction with the embodiment of the present invention, the edge nodes IP and auth_key2 may be specifically encrypted and assembled into the original URL, and in conjunction with the above embodiment, the assembled content is, for example, http:// 1.1.1/1.zip_bakey=zzz, where the content includes both the address to be redirected, i.e., the location of the edge node, and the second authentication parameter. The embodiment of the invention encrypts the jump URL, thereby effectively improving the cracking difficulty of the jump URL and further effectively avoiding the possibility of the occurrence of the hotlinking problem.
Optionally, after authentication is successful, before the first response message is sent to the client, the method further includes: the invention can determine the jump URL according to at least one of the first authentication parameter, the client location information, the server service quality information, the server ranking information, the server cache status information and the cost information, for example, the jump URL closest to the client can be determined according to the client location information, the jump URL is determined from the edge node with the best server service quality, the jump URL is determined from the edge node with the higher server ranking, the jump URL is determined from the edge node with the good server cache status, and the jump URL is determined from the edge node with lower cost. Wherein the jump URL represents address information of the edge node and includes, but is not limited to, at least one of identification information, domain name information, and IP address of the edge node. The invention can determine the most proper edge node from a large number of edge nodes, namely, the optimal jump URL, comprehensively considers the factors of the position, the service quality, the ranking, the cache state, the cost and the like, and achieves the purposes of optimal scheduling and balanced scheduling of the user access request. Moreover, the invention also determines the position of the edge node through one or more address information, which not only enriches the determination mode of the edge node address, but also avoids the problem that the edge node address in a single form is easy to be stolen.
Based on the secondary authentication mode, the invention can better solve the hotlinking problem existing in the prior art, greatly reduce the exposure risk of user configuration assets, improve the safety of user data, protect the privacy of users, and have better user experience and higher satisfaction. The invention can issue configuration information to the small particle edge node, wherein the configuration information comprises the anti-theft chain information, and authentication judgment is carried out on the small particle edge node so as to achieve the technical purposes of anti-theft chain and the like. The invention carries out one authentication on the jump server, successfully receives the edge node position responded by the jump server and the second authentication parameter according to the one authentication, and then carries out one authentication on the second authentication parameter on the corresponding edge node, thereby realizing two authentications, greatly avoiding the possibility of service hotlinking and protecting the benefits of users and websites. The invention can better adapt to the scene that the distributed sinking server is used as the content server, and the URL dual authentication can be realized on the content server without user configuration, and the invention does not need the user to manually operate at the client, thereby effectively reinforcing the anti-theft chain scheme and timely finding and processing the anti-theft chain behavior; in addition, by adopting a domain name encryption or parameter encryption mode, the invention can carry out omnibearing protection on user assets such as domain name information, configuration information and the like.
In addition, the jump URL in the embodiment of the invention comprises at least one of the identification information, the domain name information and the IP address of the edge node, and the invention also determines the position of the edge node through one or more address information, so that the determination mode of the edge node address can be enriched, and the problem that the edge node address in a single form is easy to be stolen and linked is avoided
The invention carries out one-time authentication through the jump server, generates the parameters for re-authentication after the authentication passes and determines the corresponding edge node, thus greatly avoiding the possibility of stolen connection of service, improving the request safety and protecting the rights and interests of users and resource websites through double authentication.
As shown in fig. 3, and in conjunction with fig. 4, the embodiment of the present invention further provides a method for requesting scheduling, which is applied to an edge node, and the method for requesting scheduling may include, but is not limited to, steps S30 to S32, which are specifically described below.
Step S30, receiving a second user access request sent by the client, where the second user access request includes a second authentication parameter. The edge node and the second authentication parameter are determined according to a first response message received by the client from the jump server, wherein the first response message comprises the second authentication parameter and the jump URL, and the second authentication parameter is located in response header information or the jump URL of the first response message. As shown in fig. 4, the second user access request in the embodiment of the present invention is, for example, http:// 1.1.1/1.zigbee=zz, where the request includes both the request IP and the request content, and the second authentication parameter after encryption and combination processing. By setting the second authentication parameter in the response header information or the jump URL, the invention can improve the security of the second authentication parameter and greatly enhance the difficulty of being cracked; in addition, the invention realizes constructing the URL carrying the authentication rule in the jump server by setting the second authentication parameter in the jump URL, and the client can realize the secondary authentication logic without modification, thereby further improving the security of the user access request. In addition, the jump URL in the embodiment of the invention comprises at least one of the identification information, the domain name information and the IP address of the edge node, and the position of the edge node is determined by one or more address information.
Step S31, authenticating the second user access request according to the second authentication parameter. The authentication mode and rule can be either pre-agreed by the edge node and the jump server or respectively issued to the edge node and the jump server through a third party management platform, or the edge node can request and verify the jump server in real time after receiving the second authentication parameter. The invention authenticates the second user access request through the edge node: if the authentication fails, the method is directly rejected, and if the authentication is successful, the method proceeds to step 32.
Optionally, in the embodiment of the present invention, authenticating the second user access request according to the second authentication parameter includes: and authenticating the second user access request according to the second authentication parameter encrypted by the encryption algorithm. It should be appreciated that the edge node decrypts the second user access request by a built-in decryption module prior to authentication, the decryption manner corresponds to the encryption manner, and may include, but is not limited to, md5 decryption manner for the second authentication parameter, base64 decryption manner for the jump URL, and the like.
And step S32, after the authentication is successful, a second response message is sent to the client, wherein the second response message comprises resources requested by the second user access. In the embodiment of the present invention, if the edge node 1.1.1.1 caches the content requested by the second user access request, the cached content is responded to the client, but if the content is not responded, the response content is obtained by the back source mode, the content obtained by the back source is sent to the client, and the content obtained by the back source is cached on the current edge node.
In the case of wider node distribution and gradually smaller node granularity, the invention not only better adapts to the technical development through the scheduling scheme of the jump server and the edge nodes, but also ensures the purposes of reducing the hotlinking risk even if the edge nodes are exposed through adding a secondary authentication scheme, and the like. The edge nodes to which the present invention relates are nodes in, for example, CDN (Content Delivery Network ), SD-WAN (Software Defined Wide Area Network, software defined local area network) or edge cloud network, in this embodiment used as edge nodes for providing resources.
Based on the secondary authentication mode, the invention can better solve the hotlinking problem existing in the prior art, greatly reduce the exposure risk of user configuration assets, improve the safety of user data, protect the privacy of users, and have better user experience and higher satisfaction. The invention can issue configuration information to the small particle edge node, wherein the configuration information comprises the anti-theft chain information, and authentication judgment is carried out on the small particle edge node so as to achieve the technical purposes of anti-theft chain and the like. The invention carries out one authentication on the jump server, successfully receives the edge node position responded by the jump server and the second authentication parameter according to the one authentication, and then carries out one authentication on the second authentication parameter on the corresponding edge node, thereby realizing two authentications, greatly avoiding the possibility of service hotlinking and protecting the benefits of users and websites. The invention can better adapt to the scene that the distributed sinking server is used as the content server, and the URL dual authentication can be realized on the content server without user configuration, and the invention does not need the user to manually operate at the client, thereby effectively reinforcing the anti-theft chain scheme and timely finding and processing the anti-theft chain behavior; in addition, by adopting a domain name encryption or parameter encryption mode, the invention can carry out omnibearing protection on user assets such as domain name information, configuration information and the like.
The embodiment of the invention also provides a device for requesting scheduling, which is applied to a client based on the same technical conception as the method for requesting scheduling. The apparatus includes, but is not limited to, a first request sending module, a first message receiving module, a second request sending module, and a second message receiving module.
The first request sending module can be used for sending a first user access request to the jump server; the first user access request comprises a first authentication parameter, and the first authentication parameter is used for authenticating the first user access request sent by the client by the jump server. In the embodiment of the invention, the first authentication parameter is located in the request header information or the request URL of the first user access request.
The first message receiving module can be used for receiving a first response message sent by the jump server; the first response message includes a second authentication parameter and a jump URL, where the second authentication parameter is used by the edge node to authenticate the second user access request sent by the client. In this embodiment, the second authentication parameter is located in the response header information of the first response message or in the jump URL. By setting the second authentication parameter in the response header information or the jump URL, the invention can improve the security of the second authentication parameter and greatly enhance the difficulty of being cracked; in addition, the invention realizes constructing the URL carrying the authentication rule in the jump server by setting the second authentication parameter in the jump URL, and the client can realize the secondary authentication logic without modification, thereby further improving the security of the user access request.
The second request sending module may be configured to send a second user access request including a second authentication parameter to an edge node corresponding to the jump URL.
The second message receiving module may be configured to receive a second response message sent by the edge node, where the second response message includes the resource requested by the second user access request.
The invention can obviously improve the security of the content request of the client, better solve the problem of hotlinking which is easy to occur in the conventional technology, protect the user configuration assets, improve the security of the user data, and improve the user satisfaction and the use experience.
The embodiment of the invention also provides a device for requesting scheduling, which is applied to a jump server. The apparatus includes, but is not limited to, a first request receiving module, a first request authenticating module, and a first message sending module.
The first request receiving module may be configured to receive a first user access request issued by a client, the first user access request including a first authentication parameter. The first authentication parameter is located in the request header information or in the request URL of the first user access request.
The first request authentication module may be configured to authenticate the first user access request according to the first authentication parameter.
The first message sending module may be configured to send a first response message to the client after the authentication is successful, where the first response message includes a second authentication parameter and a jump URL, and the second authentication parameter is used by an edge node corresponding to the jump URL to authenticate a second user access request sent by the client. The first message sending module in the embodiment of the present invention may be further configured to determine a jump URL according to at least one of a first authentication parameter, client location information, server service quality information, server ranking information, server cache status information, and cost information, where the jump URL includes at least one of domain name information and an IP address of an edge node. The second authentication parameter is located in the response header information or in the jump URL of the first response message. By setting the second authentication parameter in the response header information or the jump URL, the invention can improve the security of the second authentication parameter and greatly enhance the difficulty of being cracked; in addition, the invention realizes constructing the URL carrying the authentication rule in the jump server by setting the second authentication parameter in the jump URL, and the client can realize the secondary authentication logic without modification, thereby further improving the security of the user access request.
The device for requesting scheduling further comprises a first encryption module, wherein the first encryption module is used for encrypting the second authentication parameter through an encryption algorithm under the condition that the authentication of the first authentication parameter is successful. The first encryption module is specifically configured to combine at least one of the agreed additional parameters, a timestamp, UA, an IP black-and-white list, and cookie, referer into a character string through a preset sequence, and encrypt the character string by using an encryption algorithm to obtain an encrypted second authentication parameter; the method comprises the steps of carrying out a first treatment on the surface of the Wherein the agreed additional parameters include request header information of the first user access request. The first message sending module is used for sending a first response message containing the encrypted second authentication parameters to the client.
The device for requesting dispatch further comprises a second encryption module, wherein the second encryption module is used for encrypting the jump URL through an encryption algorithm under the condition that the authentication of the first authentication parameter is successful. The first message sending module is used for sending a first response message containing the encrypted jump URL to the client.
The invention carries out one-time authentication through the jump server, generates the parameters for re-authentication after the authentication passes and determines the corresponding edge node, thus greatly avoiding the possibility of stolen connection of service, improving the request safety and protecting the rights and interests of users and resource websites through double authentication.
The embodiment of the invention also provides a device for requesting scheduling, which is applied to the edge node. The apparatus includes, but is not limited to, a second request receiving module, a second request authenticating module, and a second message sending module.
The second request receiving module may be configured to receive a second user access request sent by the client, where the second user access request includes a second authentication parameter; the edge node and the second authentication parameter are determined from a first response message received by the client from the jump server. The second authentication parameter in the embodiment of the invention is located in the response header information of the first response message or in the jump URL.
The second request authentication module may be configured to authenticate the second user access request according to a second authentication parameter, and the second request authentication module may be specifically configured to authenticate the second user access request according to the second authentication parameter encrypted by the encryption algorithm.
The second message sending module may be configured to send a second response message to the client after the authentication is successful, where the second response message includes the resource of the second user access request.
Based on the secondary authentication mode, the invention can better solve the hotlinking problem existing in the prior art, greatly reduce the exposure risk of user configuration assets, improve the safety of user data, protect the privacy of users, and have better user experience and higher satisfaction.
As shown in fig. 5, the present invention can provide an electronic device based on the same inventive concept as the method of request scheduling. The electronic device includes a memory and a processor having stored therein computer readable instructions that, when executed by the processor, cause the processor to perform the steps of the method of requesting scheduling in any of the embodiments of the present invention. The detailed process of the method for requesting scheduling is described in detail in the present specification, and will not be described herein.
The present invention may also provide a storage medium storing computer-readable instructions that, when executed by one or more processors, cause the one or more processors to perform the steps of the method for scheduling a request in any of the embodiments of the present invention, based on the same inventive concept. The detailed process of the method for requesting scheduling is described in detail in the present specification, and will not be described herein.
The present invention may also provide a computer program product comprising a computer program which, when executed by one or more processors, implements the steps of the method of requesting processing in any of the embodiments of the present invention, based on the same inventive concept as the method of requesting scheduling. The detailed process of the method for requesting scheduling is described in detail in the present specification, and will not be described herein.
Logic and/or steps represented in the flowcharts or otherwise described herein, e.g., a ordered listing of executable instructions for implementing logical functions, can be embodied in any computer-readable storage medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable storage medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection (electronic device) with one or more wires, a portable computer cartridge (magnetic device), a random access Memory (RAM, random Access Memory), a Read-Only Memory (ROM), an erasable programmable Read-Only Memory (EPROM, erasable Programmable Read-Only Memory, or flash Memory), an optical fiber device, and a portable compact disc Read-Only Memory (CDROM, compact Disc Read-Only Memory). In addition, the computer-readable storage medium may even be paper or other suitable medium upon which the program is printed, as the program may be electronically captured, via, for instance, optical scanning of the paper or other medium, then compiled, interpreted, or otherwise processed in a suitable manner, if necessary, and then stored in a computer memory.
It is to be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above-described embodiments, the various steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, may be implemented using any one or combination of the following techniques, as is well known in the art: discrete logic circuits with logic gates for implementing logic functions on data signals, application specific integrated circuits with appropriate combinational logic gates, programmable gate arrays (PGA, programmable Gate Array), field programmable gate arrays (FPGA, field Programmable Gate Array), and the like.
In the description of the present specification, a description referring to the terms "present embodiment," "one embodiment," "some embodiments," "example," "specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, the different embodiments or examples described in this specification and the features of the different embodiments or examples may be combined and combined by those skilled in the art without contradiction.
Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In the description of the present invention, the meaning of "plurality" means at least two, for example, two, three, etc., unless specifically defined otherwise.
The above description is only of the preferred embodiments of the present invention, and is not intended to limit the invention, but any modifications, equivalents, and simple improvements made within the spirit of the present invention should be included in the scope of the present invention.

Claims (19)

1. A method for requesting scheduling, applied to a client, comprising:
sending a first user access request to a jump server; the first user access request comprises a first authentication parameter, and the first authentication parameter is used for authenticating the first user access request sent by the client by the jump server;
receiving a first response message sent by a jump server; the first response message comprises a second authentication parameter and a jump URL, wherein the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL;
Sending a second user access request containing the second authentication parameter to the edge node;
and receiving a second response message sent by the edge node, wherein the second response message comprises resources requested by a second user access request.
2. The method of claim 1, wherein,
the first authentication parameter is located in request header information or request URL of the first user access request;
the second authentication parameter is located in response header information of the first response message or in the jump URL.
3. A method for scheduling requests, applied to a jump server, comprising:
receiving a first user access request sent by a client, wherein the first user access request comprises a first authentication parameter;
authenticating the first user access request according to the first authentication parameter;
and after the authentication is successful, a first response message is sent to the client, wherein the first response message comprises a second authentication parameter and a jump URL, and the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL.
4. A method for scheduling a request according to claim 3, wherein the sending a first response message to the client after the authentication is successful comprises:
If the authentication of the first authentication parameter is successful, encrypting the second authentication parameter through an encryption algorithm;
and sending a first response message containing the encrypted second authentication parameters to the client.
5. The method of claim 4, wherein encrypting the second authentication parameter by an encryption algorithm comprises:
combining at least one of the agreed additional parameters, a time stamp, UA, an IP black-and-white list and cookie, referer into a character string through a preset sequence, and encrypting the character string by utilizing an encryption algorithm to obtain an encrypted second authentication parameter;
wherein the agreed additional parameters include request header information of the first user access request.
6. A method for scheduling a request according to claim 3, wherein the sending a first response message to the client after the authentication is successful comprises:
if the authentication of the first authentication parameter is successful, encrypting the jump URL through an encryption algorithm;
and sending a first response message containing the encrypted jump URL to the client.
7. A method for scheduling a request according to claim 3, wherein after the authentication is successful, before the first response message is sent to the client, the method further comprises:
And determining the jump URL according to at least one of the first authentication parameter, the client position information, the server service quality information, the server ranking information, the server cache state information and the cost information.
8. The method of claim 3, wherein,
the jump URL comprises at least one of identification information, domain name information and IP address of the edge node.
9. The method of claim 3, wherein,
the first authentication parameter is located in request header information or request URL of the first user access request;
the second authentication parameter is located in response header information of the first response message or in the jump URL.
10. A method for requesting scheduling, applied to an edge node, comprising:
receiving a second user access request sent by a client; the second user access request includes a second authentication parameter; the edge node and the second authentication parameter are determined according to a first response message received by the client from the jump server;
authenticating the second user access request according to the second authentication parameter;
and after the authentication is successful, sending a second response message to the client, wherein the second response message comprises resources requested by a second user to access.
11. The method of claim 10, wherein authenticating the second user access request according to the second authentication parameter comprises:
the first response message includes a second authentication parameter and a jump URL.
12. The method of claim 11, wherein,
the jump URL comprises at least one of identification information, domain name information and IP address of the edge node.
13. The method of claim 10, wherein,
the second authentication parameter is located in response header information of the first response message or in the jump URL.
14. An apparatus for requesting scheduling, applied to a client, comprising:
the first request sending module is used for sending a first user access request to the jump server; the first user access request comprises a first authentication parameter, and the first authentication parameter is used for authenticating the first user access request sent by the client by the jump server;
the first message receiving module is used for receiving a first response message sent by the jump server; the first response message comprises a second authentication parameter and a jump URL, wherein the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL;
A second request sending module, configured to send a second user access request including the second authentication parameter to the edge node;
and the second message receiving module is used for receiving a second response message sent by the edge node, wherein the second response message comprises resources requested by a second user access request.
15. An apparatus for requesting scheduling, applied to a jump server, comprising:
the first request receiving module is used for receiving a first user access request sent by the client, wherein the first user access request comprises a first authentication parameter;
the first request authentication module is used for authenticating the first user access request according to the first authentication parameter;
the first message sending module is used for sending a first response message to the client after authentication is successful, wherein the first response message comprises a second authentication parameter and a jump URL, and the second authentication parameter is used for authenticating a second user access request sent by the client by an edge node corresponding to the jump URL.
16. An apparatus for requesting scheduling, applied to an edge node, comprising:
the second request receiving module is used for receiving a second user access request sent by the client; the second user access request includes a second authentication parameter; the edge node and the second authentication parameter are determined according to a first response message received by the client from the jump server;
The second request authentication module is used for authenticating the second user access request according to the second authentication parameter;
and the second message sending module is used for sending a second response message to the client after the authentication is successful, wherein the second response message comprises resources of a second user access request.
17. An electronic device comprising a memory and a processor, the memory having stored therein computer readable instructions which, when executed by the processor, cause the processor to perform the steps of the method of requesting scheduling of any one of claims 1-2 or 3-9 or 10-13.
18. A storage medium storing computer readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the method of requesting scheduling of any one of claims 1-2 or 3-9 or 10-13.
19. A computer program product comprising a computer program, characterized in that the computer program when executed by one or more processors realizes the steps of the method of request processing according to any of claims 1-2 or 3-9 or 10-13.
CN202111408140.9A 2021-11-24 2021-11-24 Method, device, electronic equipment and storage medium for requesting scheduling Pending CN116170164A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202111408140.9A CN116170164A (en) 2021-11-24 2021-11-24 Method, device, electronic equipment and storage medium for requesting scheduling
PCT/CN2022/133778 WO2023093772A1 (en) 2021-11-24 2022-11-23 Request scheduling method and apparatus, electronic device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111408140.9A CN116170164A (en) 2021-11-24 2021-11-24 Method, device, electronic equipment and storage medium for requesting scheduling

Publications (1)

Publication Number Publication Date
CN116170164A true CN116170164A (en) 2023-05-26

Family

ID=86416879

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111408140.9A Pending CN116170164A (en) 2021-11-24 2021-11-24 Method, device, electronic equipment and storage medium for requesting scheduling

Country Status (2)

Country Link
CN (1) CN116170164A (en)
WO (1) WO2023093772A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117040746B (en) * 2023-10-10 2024-02-27 联通在线信息科技有限公司 CDN client encryption anti-theft chain implementation method and electronic equipment

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1992594B (en) * 2005-12-31 2014-07-16 中兴通讯股份有限公司 URL extension method for streaming media system
CN104283845B (en) * 2013-07-03 2017-10-27 中国电信股份有限公司 Anti-stealing link method and system and CDN server and client
CN105827673B (en) * 2015-01-05 2019-03-12 中国移动通信集团浙江有限公司 A kind of method, apparatus and network server of door chain
US10454949B2 (en) * 2015-11-20 2019-10-22 International Business Machines Corporation Guarding against cross-site request forgery (CSRF) attacks
CN110365688B (en) * 2019-07-19 2022-06-07 湖南快乐阳光互动娱乐传媒有限公司 Anti-stealing-link method and device

Also Published As

Publication number Publication date
WO2023093772A1 (en) 2023-06-01

Similar Documents

Publication Publication Date Title
CN106209749B (en) Single sign-on method and device, and related equipment and application processing method and device
US20200169406A1 (en) Security authentication method and device
US8296828B2 (en) Transforming claim based identities to credential based identities
CN107517179B (en) Authentication method, device and system
US20220394026A1 (en) Network identity protection method and device, and electronic equipment and storage medium
US11102191B2 (en) Enabling single sign-on authentication for accessing protected network services
US20080270578A1 (en) Method, Device And Data Download System For Controlling Effectiveness Of A Download Transaction
CN101860540B (en) Method and device for identifying legality of website service
WO2017020452A1 (en) Authentication method and authentication system
US20090290715A1 (en) Security architecture for peer-to-peer storage system
US20030208681A1 (en) Enforcing file authorization access
CN111355726B (en) Identity authorization login method and device, electronic equipment and storage medium
US8977857B1 (en) System and method for granting access to protected information on a remote server
CN109672675B (en) OAuth 2.0-based WEB authentication method of password service middleware
US10581806B2 (en) Service providing method, service requesting method, information processing device, and client device
US10257171B2 (en) Server public key pinning by URL
CN111526161A (en) Communication method, communication equipment and proxy system
WO2020062667A1 (en) Data asset management method, data asset management device and computer readable medium
CN112487450A (en) File server access grading method
CN111193755B (en) Data access method, data encryption method and data encryption and access system
CN112118242A (en) Zero trust authentication system
CN111786996A (en) Cross-domain synchronous login state method and device and cross-domain synchronous login system
CN109905376B (en) Method and system for preventing illegal access to server
WO2023093772A1 (en) Request scheduling method and apparatus, electronic device, and storage medium
CN110807210B (en) Information processing method, platform, system and computer storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination