CN117972762A - User data isolation method, device, equipment and storage medium - Google Patents
User data isolation method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN117972762A CN117972762A CN202311317074.3A CN202311317074A CN117972762A CN 117972762 A CN117972762 A CN 117972762A CN 202311317074 A CN202311317074 A CN 202311317074A CN 117972762 A CN117972762 A CN 117972762A
- Authority
- CN
- China
- Prior art keywords
- user
- target
- browser
- rendering
- service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000002955 isolation Methods 0.000 title claims abstract description 74
- 238000009877 rendering Methods 0.000 claims abstract description 236
- 238000000034 method Methods 0.000 claims abstract description 39
- 230000001960 triggered effect Effects 0.000 claims abstract description 33
- 238000011156 evaluation Methods 0.000 claims description 19
- 238000013500 data storage Methods 0.000 claims description 9
- 230000002159 abnormal effect Effects 0.000 description 13
- 238000004891 communication Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 2
- 230000005856 abnormality Effects 0.000 description 1
- 230000002547 anomalous effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000000725 suspension Substances 0.000 description 1
Abstract
The invention relates to the technical field of data processing, and discloses a user data isolation method, a device, equipment and a storage medium, wherein the method comprises the following steps: acquiring a remote access request triggered by a user browser; starting a target browser through rendering service, wherein the target browser is determined according to account information of a login user on a user browser; and processing the remote access request through the target browser, storing the obtained user access data into a target database, and independently creating the target database according to the account information. According to the invention, the remote access request triggered by the user browser is processed through the target browser, and the obtained user access data is stored in the target database which is independently created according to the account information of the login user on the user browser, so that the technical problem that access data conflict can be generated when multiple accounts are simultaneously accessed when the remote server is deployed in a multi-account mode in the prior art is solved, and the user experience is further improved.
Description
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a method, an apparatus, a device, and a storage medium for user data isolation.
Background
The remote browser technology refers to that when a user accesses an external website by using a common browser, the user accesses the browser deployed on a remote server instead of directly, and then accesses the external website by the browser on the remote server, and after the access is successful, a webpage image is generated by the remote browser and is transmitted to the browser used by the user for display.
In the prior art, in order to improve the resource utilization rate, the remote server is deployed in a multi-account mode and can be accessed by a plurality of accounts. But accessing the remote browser simultaneously when multiple accounts may result in conflicting access data, thereby affecting the user's use experience.
The foregoing is provided merely for the purpose of facilitating understanding of the technical solutions of the present invention and is not intended to represent an admission that the foregoing is prior art.
Disclosure of Invention
The invention mainly aims to provide a user data isolation method, device, equipment and storage medium, and aims to solve the technical problem that access data conflict can be generated when multiple accounts are accessed simultaneously when a remote server is deployed in a multi-account mode in the prior art.
In order to achieve the above object, the present invention provides a user data isolation method, including:
acquiring a remote access request triggered by a user browser;
Starting a target browser through rendering service, wherein the target browser is determined according to account information of a login user on the user browser;
And processing the remote access request through the target browser, and storing the obtained user access data into a target database, wherein the target database is independently created according to the account information.
Optionally, before the step of obtaining the remote access request triggered by the user browser, the method further includes:
registering and storing the rendering service in a server storage library corresponding to the scheduling service when the current working state of the rendering service is a normal running state;
the step of starting the target browser through the rendering service comprises the following steps:
Determining a target rendering service in the server repository;
And starting a target browser through the target rendering service.
Optionally, the step of determining the target rendering service in the server repository includes:
Acquiring working states corresponding to all rendering services in the server storage library through the scheduling service;
determining idle rendering services from all the rendering services according to the working state;
acquiring performance index information of the idle rendering service;
And determining a target rendering service from the idle rendering services according to the performance index information.
Optionally, the performance index information includes: memory usage information and CPU usage information; the step of determining a target rendering service from the idle rendering services according to the performance index information comprises the following steps:
acquiring index evaluation values corresponding to the idle rendering services according to the memory use information and the CPU use information;
Performing performance ranking on the idle rendering services according to the index evaluation values;
And determining a target rendering service from the idle rendering services according to the sorting result.
Optionally, after the step of processing the remote access request by the target browser and storing the obtained user access data in the target database, the method further includes:
acquiring a user identifier of the login user according to the account information;
and establishing an authority binding relationship between the user identifier and the target database through a preset authority binding instruction.
Optionally, after the step of establishing the permission binding relationship between the user identifier and the target database through the preset permission binding instruction, the method further includes:
when a remote access ending instruction triggered by the user browser is received, the authority binding relation is released;
And when the release is completed, carrying out data hiding processing on the user access data through a data hiding instruction, and switching the access state corresponding to the target database into a pause access state.
Optionally, before the step of starting the target browser through the rendering service, the method further includes:
Database matching is carried out on a plurality of target databases based on account information of a login user on the user browser;
Judging whether a target database with a historical binding relation with the account information exists or not according to the matching result;
If yes, opening the access right of the target database, and executing the step of starting the target browser through the rendering service.
In addition, to achieve the above object, the present invention also proposes a user data isolation device, the device comprising:
the request acquisition module is used for acquiring a remote access request triggered by a user browser;
The browser starting module is used for starting a target browser through rendering service, and the target browser is determined according to account information of a login user on the user browser;
And the data storage module is used for processing the remote access request through the target browser and storing the obtained user access data into a target database, and the target database is independently created according to the account information.
In addition, to achieve the above object, the present invention also proposes a user data isolation device, the device comprising: a memory, a processor, and a user data isolation program stored on the memory and executable on the processor, the user data isolation program configured to implement the steps of the user data isolation method as described above.
In addition, to achieve the above object, the present invention also proposes a storage medium having stored thereon a user data isolation program which, when executed by a processor, implements the steps of the user data isolation method as described above.
In the invention, a remote access request triggered by a user browser is obtained; starting a target browser through rendering service, wherein the target browser is determined according to account information of a login user on a user browser; processing the remote access request through a target browser, storing the obtained user access data into a target database, and independently creating the target database according to account information; according to the method and the device, the target browser is started through the rendering server, the remote access request triggered by the user browser is processed through the target browser, and then the obtained user access data are stored in the target database which is independently created according to the account information of the login user on the user browser, so that the technical problem that access data conflict can be generated when the remote server adopts multi-account deployment in the prior art in the multi-account simultaneous access mode is solved, and the user experience is improved.
Drawings
FIG. 1 is a schematic diagram of a configuration of a user data isolation device of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart of a first embodiment of a user data isolation method according to the present invention;
FIG. 3 is a flowchart of a second embodiment of a user data isolation method according to the present invention;
FIG. 4 is a flowchart of a third embodiment of a user data isolation method according to the present invention;
fig. 5 is a block diagram of a first embodiment of a user data isolation device according to the present invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Referring to fig. 1, fig. 1 is a schematic diagram of a user data isolation device of a hardware running environment according to an embodiment of the present invention.
As shown in fig. 1, the user data isolation device may include: a processor 1001, such as a central processing unit (Central Processing Unit, CPU), a communication bus 1002, a user interface 1003, a network interface 1004, a memory 1005. Wherein the communication bus 1002 is used to enable connected communication between these components. The user interface 1003 may include a Display, an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may further include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a Wireless interface (e.g., a Wireless-Fidelity (Wi-Fi) interface). The Memory 1005 may be a high-speed random access Memory (Random Access Memory, RAM) or a stable nonvolatile Memory (NVM), such as a disk Memory. The memory 1005 may also optionally be a storage device separate from the processor 1001 described above.
Those skilled in the art will appreciate that the structure shown in fig. 1 is not limiting of the user data isolation device and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
As shown in fig. 1, an operating system, a network communication module, a user interface module, and a user data isolation program may be included in the memory 1005 as one type of storage medium.
In the user data isolation device shown in fig. 1, the network interface 1004 is mainly used for data communication with a network server; the user interface 1003 is mainly used for data interaction with a user; the processor 1001 and the memory 1005 in the user data isolation device of the present invention may be disposed in the user data isolation device, where the user data isolation device invokes the user data isolation program stored in the memory 1005 through the processor 1001, and executes the user data isolation method provided by the embodiment of the present invention.
An embodiment of the present invention provides a user data isolation method, referring to fig. 2, fig. 2 is a schematic flow chart of a first embodiment of the user data isolation method of the present invention.
In this embodiment, the user data isolation method includes the following steps:
step S10: and acquiring a remote access request triggered by the user browser.
It should be noted that, the execution body of the method of the embodiment may be a user data isolation device for isolating user data corresponding to each account on the remote server, or other user data isolation systems that can implement the same or similar functions and include the user data isolation device. The user data isolation method provided in this embodiment and the following embodiments will be specifically described herein with reference to a user data isolation system (hereinafter referred to as a system).
It should be noted that, in the user data isolation system in this embodiment, a rendering server and a scheduling server may be deployed, where a rendering service is deployed in the rendering server, and the rendering service may be used to launch a browser and control rights; the scheduling server can be used for scheduling the user side and the rendering server.
It should be appreciated that the user browser described above may be a generic browser currently in use by a user. In practical application, a user can access a browser deployed on a remote server through a common browser, and then access an external website through the browser on the remote server, so as to access the external website through the common browser.
It will be appreciated that the remote access request described above may be an access request that a user needs to send to the system before accessing a browser deployed on a remote server using the user's browser.
In practical application, when a user accesses a browser deployed on a remote server by using a user browser, a remote access request is triggered, and at this time, the system can acquire the remote access request triggered by the user browser.
Step S20: and starting a target browser through the rendering service, wherein the target browser is determined according to account information of a login user on the user browser.
It should be noted that the rendering service may be a service for launching a browser and controlling rights.
It should be understood that the target browser may be a browser corresponding to an account of a login user on the user browser, where the login user is a user who logs into the user browser. The account information of the login user may be account information, password, user identifier, etc. corresponding to the login user, which is not limited in this embodiment.
In a specific implementation, in this embodiment, each user's account has its corresponding browser, and the rendering service may obtain account information corresponding to the user who logs in to the user's browser, and determine and start a target browser corresponding to the logged-in account according to a user identifier in the account information.
Further, in order to determine the appropriate rendering service and launch the browser through the appropriate rendering service, before the step S10, the method further includes: registering and storing the rendering service in a server storage library corresponding to the scheduling service when the current working state of the rendering service is a normal running state; the step S20 includes: determining a target rendering service in the server repository; and starting a target browser through the target rendering service.
It should be noted that, the current working state may be a working state of the rendering service at the current moment, and in this embodiment, the current working state may include: normal operating conditions and abnormal operating conditions. The normal running state is a corresponding fault state when the rendering service can work normally; accordingly, the abnormal operation state may be a working state corresponding to the rendering service when a fault or a working abnormality occurs.
It should be appreciated that the scheduling service described above may be a service deployed on a system for scheduling of user side and rendering services.
It is understood that the server repository described above may be a storage space in the dispatch service for storing rendering services.
In practical application, since the user browser needs to access the browser deployed on the remote server first when accessing the external network, and then the browser on the remote server accesses the external website, in this embodiment, the system needs to start a browser for the user browser to access, and the rendering service needs to be scheduled by the scheduling service.
It should be noted that, the target rendering service may be the best performing rendering service in the server repository. In this embodiment, in order to ensure normal startup of the target browser, the best-possible rendering service may be determined from all rendering services according to the performance of all rendering services in the server repository, and the rendering service may be determined as the target rendering service, so as to startup the target browser through the target rendering service.
Further, in order to improve efficiency of selecting the target rendering service by the scheduling service, after the step of registering and storing the rendering service in the server repository corresponding to the scheduling service when the current working state of the rendering service is the normal running state, the method further includes: when the current working state is an abnormal operation state, determining an abnormal rendering service corresponding to the abnormal operation state; the exception rendering service is removed from the server repository.
It should be appreciated that the above-described exception rendering service may be a malfunctioning or operationally anomalous rendering service.
In a specific implementation, the system can monitor the running states of all rendering services in the server storage in real time, if the rendering services are found to have faults or abnormal work, that is, the current working states of the rendering services are abnormal running states, the abnormal rendering services with the abnormal states can be determined, and the abnormal rendering services are removed from the data storage, so that the data processing amount of the target rendering services determined by the scheduling services from the server storage is reduced, the efficiency of selecting the target rendering services by the scheduling services is improved, and the efficiency of remote access by the user browser is further improved.
Step S30: and processing the remote access request through the target browser, and storing the obtained user access data into a target database, wherein the target database is independently created according to the account information.
It should be noted that, the user access data may be data information generated when the user browser accesses the target browser. In practical application, the remote access request triggered by the user browser carries information to be accessed by the user browser, and at this time, the target browser can process the remote access request triggered by the user to obtain data information generated when the user browser accesses the target browser.
It should be appreciated that the target database described above may be a database created from account information of a login user for storing data information of the login user. Specifically, the target database in this embodiment may be a distributed key value database.
In a specific implementation, in this embodiment, a database corresponding to the login user may be created according to the user identifier of the login user in the account information, where data generated by the login user in the process of accessing the target browser only falls into the corresponding target database. In addition, all accounts under the remote server in the scheme can create respective corresponding databases, and data generated in the process of accessing the browser respectively can fall into the databases corresponding to each other, so that user data isolation is realized, and access data conflict is prevented when multiple accounts access the browser.
Further, in order to ensure that the data generated by the user browser accessing the target browser is stored in the target database, before step S20, the method further includes: determining a current login mode of the user browser; determining target user information and account information of a login user on the user browser according to the current login mode; and calling a dispatch service interface to send the target user information and the account information to the target rendering service, wherein the target user information and the account information are used for establishing an authority binding relation with a target database.
It will be appreciated that the current login manner may be a manner that a login user logs in to a user browser, for example: account login, device login, etc., which are not limited in this embodiment. The account login mode can be a mode of logging in a browser by adopting a browser account and a password; the device login mode may be a mode of logging in a browser through a mobile terminal device.
It should be noted that, if the user logs in the browser in an account login manner, the corresponding target user information may be a logged-in account or ID; if the user logs in the browser in the device login mode, the corresponding target user information may be the ID of the device.
In a specific implementation, when a user browser performs remote access, the system can determine a mode that the user logs in the browser, acquire an account number or a device ID corresponding to the current login mode according to a remote access request triggered by the user browser, and call a dispatch service interface to send target user information and account information of a logged-in user to a target rendering service after the dispatch service determines a proper target rendering service, so that the target rendering service establishes an authority binding relation with a target database according to the information to perform data isolation.
The embodiment discloses a method for acquiring a remote access request triggered by a user browser; starting a target browser through rendering service, wherein the target browser is determined according to account information of a login user on a user browser; processing the remote access request through a target browser, storing the obtained user access data into a target database, and independently creating the target database according to account information; according to the method, the target browser is started through the rendering server, the remote access request triggered by the user browser is processed through the target browser, and then the obtained user access data are stored in the target database which is independently created according to the account information of the login user on the user browser, so that the technical problem that access data conflict can be generated when the remote server adopts the multi-account mode for deployment in the prior art in the multi-account mode for simultaneous access is solved, and the user experience is improved. Meanwhile, the embodiment registers and stores the rendering service in the normal running state in the server storage library corresponding to the scheduling service, determines the target rendering service in the server storage library, and starts the target browser through the target rendering service, so that the scheduling service can directly schedule the target rendering service in the server storage library to start the browser, and further the remote access efficiency of the user browser is improved.
Referring to fig. 3, fig. 3 is a flowchart illustrating a second embodiment of the user data isolation method according to the present invention.
Based on the first embodiment, in this embodiment, the step of determining the target rendering service in the server repository includes:
step S2001: and acquiring the working states corresponding to all rendering services in the server storage library through the scheduling service.
The operation state corresponding to the rendering service is the operation state of the rendering service. In this embodiment, whether the rendering service is currently in a working state or an idle state may be determined according to a working state corresponding to the rendering service.
Step S2002: and determining idle rendering services from all the rendering services according to the working state.
It should be appreciated that the free rendering service described above may be a rendering service that is not working in the server store.
Step S2003: and acquiring the performance index information of the idle rendering service.
It is to be understood that the performance index information may be index information for characterizing performance of the rendering service, for example: memory usage information, CPU usage information, etc., which is not limited in this embodiment. The memory usage information may be information about memory usage in the rendering service, such as: rendering total memory, currently used memory, currently remaining memory, etc. of the service; CPU usage information, i.e., usage information of the CPU in the rendering service, such as: the total number of CPUs of the rendering service, the number of CPUs currently used, the number of CPUs currently remaining, etc.
Step S2004: and determining a target rendering service from the idle rendering services according to the performance index information.
It should be understood that the system may determine whether the performance of each idle rendering service is good or not according to the performance index information of each rendering service, that is, may determine the idle rendering service with the best performance according to the performance index information corresponding to each idle rendering service, and determine the idle rendering service with the best performance as the target rendering service.
Further, the performance index information includes: memory usage information and CPU usage information; the step S2004 includes: acquiring index evaluation values corresponding to the idle rendering services according to the memory use information and the CPU use information; performing performance ranking on the idle rendering services according to the index evaluation values; and determining a target rendering service from the idle rendering services according to the sorting result.
It should be noted that, the index evaluation value may be a value for characterizing performance of each idle rendering service. In practical application, the index evaluation value corresponding to each idle rendering service can be calculated according to the memory usage information and the CPU usage information corresponding to each idle rendering service and through an index evaluation value calculation formula, so that the performance corresponding to each idle rendering service can be determined according to the index evaluation value.
In a specific implementation, the system can judge the working states corresponding to all rendering services in a server storage library in the scheduling service through the scheduling service, namely, determine which rendering services are working, which rendering services are currently in an idle state, and determine the rendering services in the idle state as idle rendering services. And then, memory use information and CPU use information corresponding to all idle rendering services can be obtained, index evaluation values corresponding to all idle rendering services are calculated according to the memory use information and the CPU use information, all idle rendering services are sequenced in a monotonically increasing mode according to the size of the index evaluation values, a rendering service sequence is obtained, and idle rendering service with the largest index evaluation value is selected from the rendering service sequence to serve as target rendering service, so that target rendering service which is in an idle state and has the best performance can be accurately selected from a server storage library, and a target browser is started through the target rendering service to return to a user for use.
According to the embodiment, the idle rendering service is determined from all the rendering services according to the working states corresponding to all the rendering services in the server storage library, and the target rendering service is determined from the idle rendering services according to the performance index information of all the idle rendering services, so that the determined target rendering service has good performance, and the reliability of remote access of a user is ensured.
Referring to fig. 4, fig. 4 is a flowchart illustrating a third embodiment of a user data isolation method according to the present invention.
Based on the above embodiments, in order to ensure the security and privacy of the user data, in this embodiment, after step S30, the method further includes:
step S40: and acquiring the user identification of the login user according to the account information.
It should be noted that, the user identifier may be identification information for identifying the logged-in user.
Step S50: and establishing an authority binding relationship between the user identifier and the target database through a preset authority binding instruction.
It should be appreciated that the preset permission binding instruction may be an instruction for instructing the rendering service to permission bind the user identifier and the target database.
It can be understood that the above-mentioned authority binding relationship is that the user identifier is in binding relationship with the authority of the target database. In practical application, if the user identifier establishes an authority binding relationship with the target database, the user corresponding to the user identifier bound with the target database has the authority to access the target database, and the target database can only be accessed by the user with which the authority binding relationship is established.
In a specific implementation, because account information corresponding to the login user includes information such as an account number, a password, a user identifier and the like corresponding to the login user, the system can directly acquire the user identifier corresponding to the login user according to the account information, and send a preset authority binding instruction to the rendering service to instruct the rendering service to carry out authority binding, and the rendering service can establish an authority binding relation between the user identifier and the target database after receiving the preset authority binding instruction, so that the login user corresponding to the user identifier has authority to access the target database, other users cannot access the target database, and data in the access process of the login user can only fall into the target database corresponding to the user identifier, thereby ensuring the safety and privacy of user data.
Further, after the step S50, the method further includes: when a remote access ending instruction triggered by the user browser is received, the authority binding relation is released; and when the release is completed, carrying out data hiding processing on the user access data through a data hiding instruction, and switching the access state corresponding to the target database into a pause access state.
It should be noted that, the above-mentioned command for ending remote access may be a command triggered by the user when stopping accessing the target browser.
It should be appreciated that the above-described data hiding instructions may be instructions for hiding access data by a user.
It is understood that the above-mentioned access suspension state may be a state corresponding to when the target browser is not allowed to be accessed.
In a specific implementation, if the login user stops accessing the browser on the remote server, the remote access ending instruction can be triggered, when the system receives the remote access ending instruction, the authority binding relation between the user identifier of the login user and the target database can be released, after the authority binding relation is released, the system can hide user access data generated when the user accesses the browser through the data hiding instruction, and the access state corresponding to the target browser is switched to a pause access state, or the target browser is set with inaccessible authority.
Further, before the step S20, the method further includes: database matching is carried out on a plurality of target databases based on account information of a login user on the user browser; judging whether a target database with a historical binding relation with the account information exists or not according to the matching result; if yes, opening the access right of the target database, and executing the step of starting the target browser through the rendering service.
It should be noted that, the database matching may be to match account information of the logged-in user with all databases established in advance.
It should be understood that the target database of the historical binding relationship is the target database that has the authority binding relationship prior to the user identification of the login user.
It can be understood that if there is no target database having a history binding relationship with the account information, creating a target database corresponding to the login user based on the account information, and executing the step of starting the target browser through the rendering service.
In a specific implementation, after a remote access request triggered by a user browser is acquired, the system can perform database matching on all target databases pre-established in the system based on account information of a login user on the user browser so as to judge whether a target database which has previously established an authority binding relationship with a user identifier corresponding to the login user exists, if so, the access authority of the target database can be opened, and the step of starting the target browser through rendering service is executed; if the user identification in the account information does not exist, a target database corresponding to the login user can be created based on the user identification in the account information, the step of starting the target browser through the rendering service is executed, and therefore whether the target database which has established the authority binding relation with the user identification of the login user exists or not can be determined in advance from the existing target database, if the target database exists, user access data can be directly stored in the target database, the target database is prevented from being repeatedly created when the target database which has the authority binding relation with the user identification of the login user exists in the system, and the data processing capacity of the system is increased.
According to the embodiment, the user identification of the login user is obtained according to the account information, and the authority binding relation is established between the user identification and the target database through the preset authority binding instruction, so that the safety and the privacy of the user data can be ensured. Meanwhile, according to the method, whether the target databases with historical binding relation with account information exist or not is judged according to database matching results of account information of a login user on a user browser on a plurality of target databases, if so, access rights of the target databases are opened, and a step of starting the target browser through a rendering server is executed, so that the target databases can be prevented from being repeatedly built when the target databases with the rights binding relation with user identification of the login user exist in a system, and the data processing capacity of the system is increased.
In addition, the embodiment of the invention also provides a storage medium, wherein the storage medium is stored with a user data isolation program, and the user data isolation program realizes the steps of the user data isolation method when being executed by a processor.
Referring to fig. 5, fig. 5 is a block diagram illustrating a first embodiment of a user data isolation device according to the present invention.
As shown in fig. 5, the user data isolation device provided by the embodiment of the invention includes:
a request acquisition module 501, configured to acquire a remote access request triggered by a user browser;
the browser starting module 502 is configured to start a target browser through a rendering service, where the target browser is determined according to account information of a login user on the user browser;
And the data storage module 503 is configured to process the remote access request through the target browser, and store the obtained user access data in a target database, where the target database is separately created according to the account information.
Further, the request obtaining module 501 is further configured to register and store the rendering service in a server repository corresponding to the scheduling service when the current working state of the rendering service is a normal running state; the browser starting module is further used for determining a target rendering service in the server storage library; and starting a target browser through the target rendering service.
The user data isolation device of the embodiment discloses a method for acquiring a remote access request triggered by a user browser; starting a target browser through rendering service, wherein the target browser is determined according to account information of a login user on a user browser; processing the remote access request through a target browser, storing the obtained user access data into a target database, and independently creating the target database according to account information; according to the method, the target browser is started through the rendering server, the remote access request triggered by the user browser is processed through the target browser, and then the obtained user access data are stored in the target database which is independently created according to the account information of the login user on the user browser, so that the technical problem that access data conflict can be generated when the remote server adopts the multi-account mode for deployment in the prior art in the multi-account mode for simultaneous access is solved, and the user experience is improved. Meanwhile, the embodiment registers and stores the rendering service in the normal running state in the server storage library corresponding to the scheduling service, determines the target rendering service in the server storage library, and starts the target browser through the target rendering service, so that the scheduling service can directly schedule the target rendering service in the server storage library to start the browser, and further the remote access efficiency of the user browser is improved.
Based on the above-mentioned first embodiment of the user data isolation device of the present invention, a second embodiment of the user data isolation device of the present invention is presented.
In this embodiment, the browser starting module 502 is further configured to obtain, through the scheduling service, working states corresponding to all rendering services in the server repository; determining idle rendering services from all the rendering services according to the working state; acquiring performance index information of the idle rendering service; and determining a target rendering service from the idle rendering services according to the performance index information.
Further, the performance index information includes: memory usage information and CPU usage information; the browser starting module 502 is further configured to obtain an index evaluation value corresponding to the idle rendering service according to the memory usage information and the CPU usage information; performing performance ranking on the idle rendering services according to the index evaluation values; and determining a target rendering service from the idle rendering services according to the sorting result.
According to the embodiment, the idle rendering service is determined from all the rendering services according to the working states corresponding to all the rendering services in the server storage library, and the target rendering service is determined from the idle rendering services according to the performance index information of all the idle rendering services, so that the determined target rendering service has good performance, and the reliability of remote access of a user is ensured.
Based on the above-described embodiments of the apparatus, a third embodiment of the user data isolation apparatus of the present invention is presented.
In this embodiment, the data storage module 503 is further configured to obtain a user identifier of the login user according to the account information; and establishing an authority binding relationship between the user identifier and the target database through a preset authority binding instruction.
Further, the data storage module 503 is further configured to release the permission binding relationship when receiving an end remote access command triggered by the user browser; and when the release is completed, carrying out data hiding processing on the user access data through a data hiding instruction, and switching the access state corresponding to the target database into a pause access state.
Further, the browser starting module 502 is further configured to perform database matching on a plurality of target databases based on account information of a login user on the user browser; judging whether a target database with a historical binding relation with the account information exists or not according to the matching result; if yes, opening the access right of the target database, and executing the step of starting the target browser through the rendering service.
According to the embodiment, the user identification of the login user is obtained according to the account information, and the authority binding relation is established between the user identification and the target database through the preset authority binding instruction, so that the safety and the privacy of the user data can be ensured. Meanwhile, according to the method, whether the target databases with historical binding relation with account information exist or not is judged according to database matching results of account information of a login user on a user browser on a plurality of target databases, if so, access rights of the target databases are opened, and a step of starting the target browser through a rendering server is executed, so that the target databases can be prevented from being repeatedly built when the target databases with the rights binding relation with user identification of the login user exist in a system, and the data processing capacity of the system is increased.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. read-only memory/random-access memory, magnetic disk, optical disk), comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.
The invention discloses A1, a user data isolation method, which comprises the following steps:
acquiring a remote access request triggered by a user browser;
Starting a target browser through rendering service, wherein the target browser is determined according to account information of a login user on the user browser;
And processing the remote access request through the target browser, and storing the obtained user access data into a target database, wherein the target database is independently created according to the account information.
A2, the user data isolation method as described in A1, before the step of obtaining the remote access request triggered by the user browser, further comprises:
registering and storing the rendering service in a server storage library corresponding to the scheduling service when the current working state of the rendering service is a normal running state;
the step of starting the target browser through the rendering service comprises the following steps:
Determining a target rendering service in the server repository;
And starting a target browser through the target rendering service.
A3, the user data isolation method of A2, the step of determining a target rendering service in the server repository, comprising:
Acquiring working states corresponding to all rendering services in the server storage library through the scheduling service;
determining idle rendering services from all the rendering services according to the working state;
acquiring performance index information of the idle rendering service;
And determining a target rendering service from the idle rendering services according to the performance index information.
A4, the user data isolation method as described in A3, wherein the performance index information comprises: memory usage information and CPU usage information; the step of determining a target rendering service from the idle rendering services according to the performance index information comprises the following steps:
acquiring index evaluation values corresponding to the idle rendering services according to the memory use information and the CPU use information;
Performing performance ranking on the idle rendering services according to the index evaluation values;
And determining a target rendering service from the idle rendering services according to the sorting result.
A5, the user data isolation method according to A1, after the steps of processing the remote access request by the target browser and storing the obtained user access data in a target database, further includes:
acquiring a user identifier of the login user according to the account information;
and establishing an authority binding relationship between the user identifier and the target database through a preset authority binding instruction.
A6, after the step of establishing the authority binding relationship between the user identifier and the target database through the preset authority binding instruction, the user data isolation method as described in A5 further comprises:
when a remote access ending instruction triggered by the user browser is received, the authority binding relation is released;
And when the release is completed, carrying out data hiding processing on the user access data through a data hiding instruction, and switching the access state corresponding to the target database into a pause access state.
A7, the user data isolation method as described in A6, before the step of starting the target browser through the rendering service, further comprising:
Database matching is carried out on a plurality of target databases based on account information of a login user on the user browser;
Judging whether a target database with a historical binding relation with the account information exists or not according to the matching result;
If yes, opening the access right of the target database, and executing the step of starting the target browser through the rendering service.
A8, after the step of determining whether a target database having a history binding relationship with the account information exists according to the matching result, the user data isolation method as described in A7 further includes:
If not, creating a target database corresponding to the login user based on the account information, and executing the step of starting the target browser through the rendering service.
A9, the user data isolation method as described in A2, wherein after the step of registering and storing the rendering service in a server repository corresponding to the scheduling service when the current working state of the rendering service is a normal running state, further comprises:
When the current working state is an abnormal operation state, determining an abnormal rendering service corresponding to the abnormal operation state;
The exception rendering service is removed from the server repository.
A10, the user data isolation method as described in A2, before the step of starting the target browser through the target rendering service, further comprising:
Determining a current login mode of the user browser;
Determining target user information and account information of a login user on the user browser according to the current login mode;
and calling a dispatch service interface to send the target user information and the account information to the target rendering service, wherein the target user information and the account information are used for establishing an authority binding relation with a target database.
The invention also discloses a B11, a user data isolation device, which comprises:
the request acquisition module is used for acquiring a remote access request triggered by a user browser;
The browser starting module is used for starting a target browser through rendering service, and the target browser is determined according to account information of a login user on the user browser;
And the data storage module is used for processing the remote access request through the target browser and storing the obtained user access data into a target database, and the target database is independently created according to the account information.
B12, the user data isolation device as described in B11, wherein the request acquisition module is further configured to register and store the rendering service in a server repository corresponding to the scheduling service when the current working state of the rendering service is a normal running state;
The browser starting module is further used for determining a target rendering service in the server storage library; and starting a target browser through the target rendering service.
B13, the user data isolation device as described in B12, wherein the browser starting module is further configured to obtain working states corresponding to all rendering services in the server repository through the scheduling service; determining idle rendering services from all the rendering services according to the working state; acquiring performance index information of the idle rendering service; and determining a target rendering service from the idle rendering services according to the performance index information.
B14, the user data isolation device of B13, the performance index information including: memory usage information and CPU usage information; the browser starting module is further used for acquiring index evaluation values corresponding to the idle rendering services according to the memory use information and the CPU use information; performing performance ranking on the idle rendering services according to the index evaluation values; and determining a target rendering service from the idle rendering services according to the sorting result.
B15, the user data isolation device as described in B11, wherein the data storage module is further configured to obtain a user identifier of the login user according to the account information; and establishing an authority binding relationship between the user identifier and the target database through a preset authority binding instruction.
The user data isolation device as described in the B15, wherein the data storage module is further configured to release the permission binding relationship when receiving an end remote access command triggered by the user browser; and when the release is completed, carrying out data hiding processing on the user access data through a data hiding instruction, and switching the access state corresponding to the target database into a pause access state.
B17, the user data isolation device as described in B16, wherein the browser starting module is further configured to perform database matching on a plurality of target databases based on account information of a login user on the user browser; judging whether a target database with a historical binding relation with the account information exists or not according to the matching result; if yes, opening the access right of the target database, and executing the step of starting the target browser through the rendering service.
And B18, the user data isolation device as described in B17, wherein the browser starting module is further configured to create a target database corresponding to the login user based on the account information if the user data isolation device does not exist, and execute the step of starting the target browser through the rendering service.
The invention also discloses C19, a user data isolation device, the device includes: a memory, a processor, and a user data isolation program stored on the memory and executable on the processor, the user data isolation program configured to implement the steps of the user data isolation method as described above.
The invention also discloses D20, a storage medium, the storage medium stores a user data isolation program, and the user data isolation program realizes the steps of the user data isolation method when being executed by a processor.
Claims (10)
1. A method of user data isolation, the method comprising:
acquiring a remote access request triggered by a user browser;
Starting a target browser through rendering service, wherein the target browser is determined according to account information of a login user on the user browser;
And processing the remote access request through the target browser, and storing the obtained user access data into a target database, wherein the target database is independently created according to the account information.
2. The method of claim 1, wherein prior to the step of obtaining a remote access request triggered by a user browser, further comprising:
registering and storing the rendering service in a server storage library corresponding to the scheduling service when the current working state of the rendering service is a normal running state;
the step of starting the target browser through the rendering service comprises the following steps:
Determining a target rendering service in the server repository;
And starting a target browser through the target rendering service.
3. The user data isolation method of claim 2, wherein the step of determining a target rendering service in the server repository comprises:
Acquiring working states corresponding to all rendering services in the server storage library through the scheduling service;
determining idle rendering services from all the rendering services according to the working state;
acquiring performance index information of the idle rendering service;
And determining a target rendering service from the idle rendering services according to the performance index information.
4. A user data isolation method as claimed in claim 3, wherein the performance index information comprises: memory usage information and CPU usage information; the step of determining a target rendering service from the idle rendering services according to the performance index information comprises the following steps:
acquiring index evaluation values corresponding to the idle rendering services according to the memory use information and the CPU use information;
Performing performance ranking on the idle rendering services according to the index evaluation values;
And determining a target rendering service from the idle rendering services according to the sorting result.
5. The user data isolation method of claim 1, wherein after the step of processing the remote access request by the target browser and storing the obtained user access data in a target database, further comprising:
acquiring a user identifier of the login user according to the account information;
and establishing an authority binding relationship between the user identifier and the target database through a preset authority binding instruction.
6. The method for isolating user data according to claim 5, wherein after the step of establishing a rights binding relationship between the user identifier and the target database by a preset rights binding instruction, the method further comprises:
when a remote access ending instruction triggered by the user browser is received, the authority binding relation is released;
And when the release is completed, carrying out data hiding processing on the user access data through a data hiding instruction, and switching the access state corresponding to the target database into a pause access state.
7. The user data isolation method of claim 6, wherein prior to the step of launching the target browser through the rendering service, further comprising:
Database matching is carried out on a plurality of target databases based on account information of a login user on the user browser;
Judging whether a target database with a historical binding relation with the account information exists or not according to the matching result;
If yes, opening the access right of the target database, and executing the step of starting the target browser through the rendering service.
8. A user data isolation device, the device comprising:
the request acquisition module is used for acquiring a remote access request triggered by a user browser;
The browser starting module is used for starting a target browser through rendering service, and the target browser is determined according to account information of a login user on the user browser;
And the data storage module is used for processing the remote access request through the target browser and storing the obtained user access data into a target database, and the target database is independently created according to the account information.
9. A user data isolation device, the device comprising: memory, a processor and a user data isolation program stored on the memory and executable on the processor, the user data isolation program being configured to implement the steps of the user data isolation method of any of claims 1 to 7.
10. A storage medium having stored thereon a user data isolation program which when executed by a processor implements the steps of the user data isolation method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311317074.3A CN117972762A (en) | 2023-10-11 | 2023-10-11 | User data isolation method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311317074.3A CN117972762A (en) | 2023-10-11 | 2023-10-11 | User data isolation method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117972762A true CN117972762A (en) | 2024-05-03 |
Family
ID=90848486
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311317074.3A Pending CN117972762A (en) | 2023-10-11 | 2023-10-11 | User data isolation method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117972762A (en) |
-
2023
- 2023-10-11 CN CN202311317074.3A patent/CN117972762A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110363026B (en) | File operation method, device, equipment, system and computer readable storage medium | |
| CN109873803A (en) | The authority control method and device of application program, storage medium, computer equipment | |
| EP3509270B1 (en) | Data backup method and device, storage medium and electronic apparatus | |
| CN100492300C (en) | System and method for executing a process on a microprocessor-enabled device | |
| US20150341362A1 (en) | Method and system for selectively permitting non-secure application to communicate with secure application | |
| CN109451020B (en) | Timeout management method, timeout management device, and computer-readable storage medium | |
| CN109918187B (en) | Task scheduling method, device, equipment and storage medium | |
| CN110971591B (en) | Method and system for multi-process access to trusted application | |
| CN109815700A (en) | Processing method and processing device, storage medium, the computer equipment of application program | |
| RU2599945C2 (en) | System and method for database augmentation with objects antivirus inspection on a plurality of virtual machines | |
| CN117972762A (en) | User data isolation method, device, equipment and storage medium | |
| CN112671945A (en) | Method, device, computer equipment and storage medium for managing IP proxy pool | |
| CN110381143B (en) | Job submission execution method, device, equipment and computer storage medium | |
| CN116107715B (en) | Method for running Docker container task and task scheduler | |
| CN111045789A (en) | Virtual machine starting method and device, electronic equipment and storage medium | |
| JP6962142B2 (en) | Programs and information processing equipment | |
| CN108491300A (en) | One kind being based on distributed log processing system | |
| CN114327757A (en) | Network target range tool delivery method, device, equipment and readable storage medium | |
| CN111259375A (en) | Processing method and device for access request applied to operating system of Internet of things | |
| CN115987701B (en) | Management method and device of access equipment, terminal equipment and medium | |
| CN117472516B (en) | Virtual resource scheduling method, device, cluster system, electronic equipment and medium | |
| CN112766768B (en) | Contract flow management method and device, electronic equipment and readable storage medium | |
| US11909805B1 (en) | Local device redirection in remote access computing environments | |
| US10999409B1 (en) | Managing multiple requests to redirect local devices in remote access computing environments | |
| CN106326732A (en) | Application programming interface (API) protection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication |