Summary of the invention
For the user of remote assistance, there are many inconvenient parts in above-mentioned conventional procedures, and has the weakness of the network attack person attack that is subjected to malice easily.The needed help of each requestor may be different.According to its particular demands, the requestor need pass through remote assistance (Remote takeover, i.e. RTO) channel in addition, as phone, Email, BBS or IM etc., the information that obtains asking the recipient.Which request recipient the requestor also needs to understand is suitably for him and offers help.
Lack the authentication mechanism that the recipient that calls request can the person of being requested be trusted in traditional remote assistance.Provide in the process of IP address and login password to the request recipient the requestor, these information may be obtained by other people.The content of remote assistance may be distorted in transmission course as operation and UI (user interface).In addition, the user can't manage a plurality of remote assistances simultaneously.
At the weak point of prior art, an object of the present invention is to provide a kind of method and corresponding server that carries out remote assistance safely.
Further purpose of the present invention is to provide the coupling service between the recipient remote assistance requestor and request, makes the request recipient that the requestor can find help required with it to adapt easily.
According to an aspect of the present invention, the invention provides a kind of method that remote assistance is provided, comprising: at least one remote assistance request recipient (RTO Receiver) signs in to remote assistance server (RTO Server); Described remote assistance server identifies whether this remote assistance request recipient is that authentic remote helps the request recipient; If determining this remote assistance request recipient is that authentic remote helps the request recipient, described remote assistance server is designated authentic remote with this remote assistance request recipient and helps the request recipient; D) at least one remote assistance requestor (RTO Requester) is connected to the remote assistance server, and the request remote assistance; At least one authentic remote helps the request recipient to provide remote assistance at least one described remote assistance requestor.
According to a further aspect in the invention, the invention provides a kind of method that remote assistance is provided, comprise that at least one remote assistance request recipient (RTO Receiver) signs in to remote assistance server (RTO Server); Described remote assistance server identification and the corresponding attribute of this remote assistance request recipient; At least one remote assistance requestor (RTORequester) is connected to the remote assistance server, and the request remote assistance; Described remote assistance server is complementary remote assistance request recipient and remote assistance requestor according to the attribute of the remote assistance of being asked and/or remote assistance request recipient's attribute; The remote assistance request recipient of coupling provides remote assistance for described remote assistance requestor.
According to a further aspect in the invention, the invention provides a kind of server that is used for remote assistance, comprise the device that is used for remote assistance request recipient login; The device that is used for remote assistance requestor login; Safety device is used to identify whether the remote assistance request recipient of login is that authentic remote helps the request recipient; And dispatching device, being used to dispatch authentic remote and helping request recipient and remote assistance requestor, the recipient provides remote assistance for described remote assistance requestor so that authentic remote helps request.
The present invention has used a remote assistance server in remote assistance.This remote assistance server is handled safety problem and/or is connected scheduling problem with the request recipient for the requestor.The remote assistance server also can be the requestor and the request recipient provides secure communications channel, identity authentication, to guarantee safety of data.
The present invention also provides the service of requestor with request recipient coupling in remote assistance, solved the problem of the existing information asymmetry that connects between requestor and the request recipient.
Embodiment
The invention provides a kind of method and respective remote helping service device (RTO server) that remote assistance with security feature is provided on network.Below in conjunction with accompanying drawing to being described in detail according to embodiments of the invention.
Fig. 1 is the schematic diagram that remote assistance is provided on network according to the present invention.The present invention has introduced security mechanism by utilizing a remote assistance server between remote assistance requestor and remote assistance request recipient.And the user can more easily use remote assistance.Describe in detail according to the method that remote assistance is provided of the present invention below with reference to Fig. 1.
At first, remote assistance request recipient (RTO receiver) 120 connects by network, connects as TCP/IP, uses a user name and corresponding password to sign in to remote assistance server 110.Then, remote assistance server 110 identifies whether this remote assistance request recipient 120 is that authentic remote helps the request recipient.If determining this remote assistance request recipient 120 is that authentic remote helps the request recipient, described remote assistance server 110 is designated authentic remote with this remote assistance request recipient 120 and helps the request recipient.
A remote assistance requestor (RTO Requester) 130 signs in to remote assistance server 110, and the request remote assistance.For example, the remote assistance requestor utilizes DES key of public-key encryption (Data Encryption Standardkey) of remote assistance server, sends to remote assistance server 110 then.The authentic remote that then has been tested and appraised helps request recipient 120 just can use this DES key to provide remote assistance for this remote assistance requestor 130.Like this, the resulting remote assistance service of remote assistance requestor helps the request recipient to provide by an authentic remote, thereby has certain fail safe.
Remote assistance server 110 can be tested and appraised agreement, identifies whether this remote assistance request recipient 120 is that authentic remote helps the request recipient.This evaluation agreement can include but not limited to that remote assistance request recipient's username and password or remote assistance request recipient login by some believable computer or terminal (some has the computer in security protection place as intra-company).Perhaps storage one authentic remote helps request recipient tabulation in other storage device of remote assistance server 110 or network, is used for determining whether the remote assistance requestor of login is credible.If the remote assistance request recipient 120 of login helps the request recipient to be complementary with the interior a certain authentic remote of tabulating, just definite its this remote assistance request recipient 120 is believable.
This authentic remote helps request recipient (RTO Receiver) tabulation to preferably include remote assistance request recipient's username and password.Remote assistance server 110 identifies whether this remote assistance request recipient 120 is that authentic remote helps request recipient's step further to comprise: the remote assistance request recipient who sends to login after remote assistance server 110 utilizes the remote assistance request recipient's of login password that one random number series is encrypted; The remote assistance request recipient 120 of login decrypts this random number series and sends remote assistance server 110 to; Remote assistance server 110 determines according to the random number series that decrypts whether this remote assistance request recipient is that authentic remote helps the request recipient.
Afterwards, remote assistance server 110 also can be the remote assistance requestor and remote assistance request recipient provides secure communication channel, so that exchange message between them.Authentic remote helps request recipient 120 can obtain described remote assistance requestor's adapter information by this safe lane; Then, authentic remote helps request recipient 120 to utilize described adapter information to take over (takeover) described remote assistance requestor 130.This adapter information can comprise remote assistance requestor's IP address, login username and password.Certainly, persons of ordinary skill in the art may appreciate that remote assistance request recipient and remote assistance requestor also can pass through the alternate manner exchange message after confirming that authentic remote helps the request recipient.
Persons of ordinary skill in the art may appreciate that the remote assistance server also can utilize mode similar to the above to confirm remote assistance requestor 130 remote assistance of whether having the right to obtain.
Before remote assistance is provided, can also determine remote assistance request recipient's attribute, this attribute can be stored in the remote assistance request recipient tabulation.This attribute comprises that remote assistance request recipient is suitable for providing the attribute of remote assistance, as the remote assistance of Linux, Windows, Lotus, Office, certain specialized application software or network connection aspect is provided.This attribute can comprise also whether remote assistance request recipient is suitable for providing the service of one-to-many or multi-to-multi.
For example, the problem of the network connection aspect that the remote assistance requestor who has is run into, shared calendar, Web conference (E-meeting) aspect may need to relate to many aspects, as the cooperation between a plurality of remote assistance requestors.If one or more remote assistance request recipients and a plurality of remote assistance requestor are complementary, thereby one or more remote assistance request recipient then can deal with problems quickly and easily simultaneously for a plurality of remote assistance requestors provide remote assistance.For another example, the remote assistance that the remote assistance requestor asked that has may relate to many-sided problems such as operating system, network connection and specialized application software, at this moment a plurality of differences have the remote assistance request recipient of different specialities simultaneously for this remote assistance requestor provides remote assistance, then can deal with problems quickly and easily.This attribute can be determined by server 110, also can be provided after login by remote assistance request recipient.
Before remote assistance is provided, can also determine remote assistance requestor's attribute and/or the attribute of the remote assistance of being asked.This attribute can be stored in the remote assistance requestor list.This attribute can be determined by server 110, also can be provided after proposing the remote assistance request by the remote assistance requestor.This attribute is corresponding with remote assistance request recipient's attribute.This attribute comprises that the remote assistance of remote assistance requester requests is the remote assistance of Linux, Windows, Lotus, Office, certain specialized application software or network connection aspect, and this attribute can comprise also whether the remote assistance requestor is suitable for being provided the service of many-one or multi-to-multi.
Remote assistance server 110 is complementary remote assistance request recipient and remote assistance requestor according to the attribute of remote assistance request recipient's attribute, remote assistance requestor's the attribute and/or the remote assistance of being asked.
Remote assistance request recipient tabulation according to the present invention can be stored in the remote assistance server 110, and this tabulation can include but not limited to remote assistance request recipient's user name, password, attribute and state.If determining this remote assistance request recipient is that authentic remote helps the request recipient, then respective remote helps request recipient's state to be set to state of activation in the remote assistance request recipient tabulation.
Remote assistance mentioned above is preferably reciprocity remote assistance, also can be the remote assistance of other type.
Remote assistance server 110 can also be stored a remote assistance requestor list, when a remote assistance requester requests remote assistance, remote assistance server 110 with the remote assistance of remote assistance requestor and/or its attribute, its request and/or corresponding property store in the remote assistance requestor list.When server 110 is found available remote assistance request recipient, just it can be complementary with the remote assistance requestor who waits for.Remote assistance server 110 can also be classified to the remote assistance requestor according to remote assistance requestor's the attribute or the attribute of its request.Correspondingly, remote assistance server 110 can also be classified to it according to remote assistance request recipient's attribute.Based on above-mentioned classification, remote assistance server 110 is complementary remote assistance requestor and remote assistance request recipient.
A remote assistance requestor also can propose or a plurality of remote assistance requests of needs, and like this, remote assistance server 110 just need satisfy its demand for it repeatedly mates.In this case, may be connected to or control a remote assistance requestor and provide service by a plurality of remote assistance request recipients for it.
Fig. 2 is the system schematic that is used for remote assistance according to of the present invention.Remote assistance system among the figure comprises remote assistance server (RTO server) 110, network 300, one or more remote assistance requestor (RTO requestor) 130 and one or more remote assistance request recipient (RTO asks the recipient) 120.
The server that is used for remote assistance 110 among Fig. 2 is configured to be suitable for to carry out according to the above-mentioned method that safe remote assistance is provided of the present invention.Further this remote assistance server 110 of configuration is so that provide coupling and dispatch service for remote assistance requestor 130 and remote assistance request recipient 120.
Remote assistance server among Fig. 2 (RTO server) 110 preferably includes: the device 220 that is used for remote assistance request recipient login; The device 210 that is used for remote assistance requestor login; Safety device 270 is used to identify whether the remote assistance request recipient (RTOReceiver) of login is that authentic remote helps the request recipient; And dispatching device 250, being used to dispatch authentic remote and helping request recipient and remote assistance requestor, the recipient provides remote assistance for described remote assistance requestor so that authentic remote helps request.
When remote assistance requestor 130 signs in to remote assistance server 110, remote assistance requestor 130 can be with the information of some needs to be keep secret, as its IP address, password and the help of being asked or the like, send to remote assistance server 110 by a safe lane.The remote assistance server receives this request by its safety device 270.
According to an aspect of the present invention, though it is and nonessential, remote assistance server among Fig. 2 (RTO server) 110 can also comprise: remote assistance request (RTO) recipient list storage device 240, be used to store authentic remote and help request recipient tabulation, described safety device 270 can utilize this tabulation to determine whether the remote assistance requestor of login is credible.Storage device 240 can be stored remote assistance request recipient's user name, password, attribute and state in advance.Remote assistance request recipient 120 can utilize personal account information such as its username and password to login.
If it is that authentic remote helps the request recipient that described safety device 270 is determined this remote assistance request recipient, then respective remote helps request recipient's state to be set to state of activation in the remote assistance request recipient tabulation.Storage device 240 can also be stored remote assistance request recipient's as indicated above multiple attribute, as the type of the remote assistance that provides, whether is suitable for remote assistance that provides one-to-many or multi-to-multi or the like.Coalignment 260 hereinafter described can utilize these information that remote assistance requestor and remote assistance request recipient are complementary.In addition, the information in the remote assistance request recipient tabulation can be stored in advance, also can be provided when logining by remote assistance request recipient 120.
According to a further aspect in the invention, though it is and nonessential, remote assistance server among Fig. 2 (RTO server) 110 can also comprise: remote assistance request (RTO) person list storage device 230, be used to store remote assistance (RTO) requestor list, this remote assistance requestor list can be stored remote assistance requestor's the attribute and/or the attribute of its remote assistance of asking; And one and the coalignment 260 that is coupled of described dispatching device, the attribute of the remote assistance that is used for the attribute of attribute, remote assistance requestor according to remote assistance request recipient and/or is asked is complementary remote assistance request recipient and remote assistance requestor.Also can this remote assistance requestor and one or more remote assistance request recipient be complementary according to remote assistance requestor's the attribute and/or the attribute of its remote assistance of asking.In addition, the information in the remote assistance requestor list can be stored as required and in advance, also can be provided when logining by remote assistance requestor 130.
Safety device 270 also is used for communicating by a secure communication channel and remote assistance requestor 130 or remote assistance request recipient 120, and sets up secure communication channel for remote assistance requestor 130 and remote assistance request recipient 120.Server 110 can be preserved remote assistance request recipient 120 certificate file (certification file). and remote assistance request recipient 120 utilizes username and password to activate certificate file on its computer, and utilizes this certificate file and server 110 to connect.Server 110 can send to this certificate remote assistance requestor 130, and notice remote assistance request recipient 120 connects with remote assistance requestor 130.Like this, just set up a secure communication channel between remote assistance request recipient 120 and the remote assistance requestor 130, utilized the key in this certificate that safeguard protection is provided.This secure communication channel can also utilize the multiple prior art of this area to realize, does not repeat them here.
According to a further aspect in the invention, described safety device 270 is tested and appraised agreement, identifies whether this remote assistance request recipient is that authentic remote helps the request recipient.Described safety device 270 can also provide secure communication channel for remote assistance requestor and remote assistance request recipient.Described authentic remote helps request recipient 120 to obtain described remote assistance requestor's adapter information by described safety device.Authentic remote helps the request recipient to utilize described adapter information to take over described remote assistance requestor.Described adapter information comprises remote assistance requestor's IP address, login username and password.
For safety certification, described authentic remote helps request recipient tabulation can comprise remote assistance request recipient's password; After further being configured to utilize the remote assistance request recipient's of login password that one random number series is encrypted, described safety device 270 sends to the remote assistance request recipient of login; After the remote assistance request recipient of login decrypted this random number series, described safety device determined according to the random number series that decrypts whether this remote assistance request recipient is that authentic remote helps the request recipient.
Coalignment 260 according to the present invention further is configured to the attribute according to the attribute of remote assistance requestor's attribute and/or its remote assistance of asking and remote assistance request recipient, and one or more remote assistance requestors 130 are complementary with one or more remote assistance request recipients 120.Wherein, the attribute of remote assistance requestor's attribute and/or its remote assistance of asking can provide and be stored in remote assistance by remote assistance requestor 130 when logining.Described dispatching device 250 is configured so that further one or more authentic remotes help request recipient 120 to provide remote assistance for one or more described remote assistance requestors 130.Wherein, described remote assistance is preferably reciprocity remote assistance.
In remote assistance request recipient tabulation, can classify to remote assistance request recipient according to corresponding attribute.In the remote assistance requestor list, also can classify to the remote assistance requestor according to corresponding attribute.Dispatching device 250 and coalignment 260 can periodically be checked this two tabulations, mate and dispatch.For the remote assistance requestor and the remote assistance request recipient of coupling, can issue corresponding both sides by the required information of remote assistance that dispatching device 250 is set up safety by safety device 270 with them.
Abovely the present invention is described in detail, but is appreciated that above embodiment only is used for explanation and non-limiting the present invention in conjunction with the optimum seeking method scheme.Those skilled in the art can make amendment and not break away from spirit of the present invention scheme shown in of the present invention.