CN113282654B - System fusion system based on non-network penetration - Google Patents


Publication number: CN113282654B
Authority: CN (China)
Prior art keywords: module, database, network, instruction, closed
Legal status: Active
Application number: CN202110561175.XA
Other languages: Chinese (zh)
Other versions: CN113282654A (en)
Inventor: 钟月珠
Current Assignee: Individual
Original Assignee: Individual


Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20: Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/25: Integrating or interfacing systems involving database management systems
    • G06F16/252: Integrating or interfacing systems involving database management systems between a Database Management System and a front-end application
    • G06F16/27: Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a system for system fusion based on non-network penetration. It comprises a closed business system presentation layer operation program module and a database external access proxy service module. The closed business system presentation layer operation program module is connected with a first KVB docking device, a closed business system business layer back-end service module, and a database and network traffic audit module; the first KVB docking device is connected with an artificial intelligence video image decoding and recognition module, which in turn is connected with a screen behavior data module. The beneficial effects are: without compromising the security of the original system's closed network, an interface interaction model based on the presentation layer is established and the corresponding data items are acquired; and without compromising the security of the original system's closed network, a network instruction model based on the network instructions of the business layer and the data layer is established, and the data in it is extracted by parsing the corresponding instructions.

Description

System fusion system based on non-network penetration
Technical Field
The invention relates to the technical field of system fusion in the IT industry, and in particular to a system for system fusion based on non-network penetration.
Background
The invention uses non-network technical means to dock and fuse two systems that have no physical network connection between them. No design that could serve as a potential reference is currently available, so the invention is named "a system fusion method based on non-network penetration".
Specifically, the target scenario is described in Chinese-based natural language; the system automatically analyzes the implementation logic in it and then automatically generates program code according to the technical standards of a programming language.
The present invention is comparable to a machine tool in the machine manufacturing industry and has no prior concept as a precedent, so it is named "non-network penetration system fusion".
Whatever language the systems are implemented in, the current mainstream system fusion methods basically fall into the following common modes: (1) database interface fusion; (2) system interface fusion; (3) code embedding fusion; (4) data export and transfer. These methods all depend on cooperation between the two parties: the original system provides interfaces, code, modifications, access rights and the like, and all of them except "data export and transfer" require network connectivity between the two sides.
Owner organizations now run more and more systems, network security requirements keep rising and capital budgets are tight, yet the expected standard for subsequent information system construction keeps rising as well, and a newly built system is often required to be fused with the original system. A very common situation is: (1) for various reasons the original system cannot be modified to cooperate and cannot provide an interface, and the final result of coordination is that only the account and password of a business operator of the original system can be obtained (not the account and password of the database); (2) the original system must continue to work normally, and because of its internal data, even a newly built replacement system with complete functions cannot meet the owner's business requirements without the data of the original system; (3) the original system is in a closed network, and a subsequently built information system needs to break through several closed networks to dock with several original systems and so build a large data center, but the security of the original closed networks must not be affected. In such a situation the system fusion work cannot be carried out when the suppliers of the original systems no longer exist or their technical teams have disbanded; even when the original supplier can provide technical support, the difficulty of coordination and the rapidly rising budget overburden the owner organization, and the project is extremely difficult to implement.
The invention effectively solves these problems: (1) without compromising the security of the original system's closed network, auditing of the original system is realized; (2) without compromising the security of the original system's closed network, an interface interaction model based on the presentation layer is established and the corresponding data items are acquired; (3) without compromising the security of the original system's closed network, a network instruction model based on the network instructions of the business layer and the data layer is established, and the data in it is extracted by parsing the corresponding instructions; (4) without compromising the security of the original system's closed network, a database model based on the data layer is established and the data of the database network instructions is obtained; (5) where the original system architecture allows, a database proxy server is established, allowing an external system to acquire data in the original system's database directly by non-network penetration; (6) based on the above capabilities, the capabilities of KVB simulation operation fusion, database docking fusion and presentation layer reconstruction fusion are provided.
With this system, issues such as the original system's programming language, interface services, system modification, original supplier support and database password protection can be disregarded in a system fusion scenario, and non-network penetration is achieved directly without compromising the security of the original system's closed network, thereby realizing system fusion.
An effective solution to the problems in the related art has not been proposed yet.
Disclosure of Invention
The present invention is directed to a system for system fusion based on non-network penetration, so as to solve the problems described in the background.
To achieve this purpose, the invention provides the following technical scheme: a system for system fusion based on non-network penetration, comprising a closed business system presentation layer operation program module and a database external access proxy service module. The closed business system presentation layer operation program module is connected with a first KVB docking device, a closed business system business layer back-end service module, and a database and network traffic audit module. The first KVB docking device is connected with an artificial intelligence video image decoding and recognition module, which is connected with a screen behavior data module. The closed business system business layer back-end service module is connected with a closed business system database module and with the database and network traffic audit module. The database and network traffic audit module is connected with a network traffic data and database instruction primary flow module. The network traffic data and database instruction primary flow module and the screen behavior data module are both connected with a merge analysis module, which is connected with an interface interaction element determination module and a network instruction element determination module. The network traffic data and database instruction primary flow module is also connected with a database instruction element determination module, which is connected with a database element module, which is connected with a database model module. The interface interaction element determination module is connected with an interface interaction element module, which is connected with an interface interaction primary flow module, which is connected with an interface interaction path diagram intelligent analysis module, which is connected with an interface interaction model module. The network instruction element module is connected with a network instruction primary flow module, which is connected with an instruction packet slice matching intelligent analysis module, which is connected with a network instruction model module. The database model module, the interface interaction model module and the network instruction model module are all connected with a cross intelligent analysis module, which is connected with a closed business system model module. The closed business system model module is connected with a presentation layer reconstruction fusion module, a database docking fusion module and a KVB simulation operation fusion module. The database external access proxy service module is connected with a second KVB docking device, which is connected with a database internal proxy module, which is connected with the closed business system database module.
Furthermore, the closed business system presentation layer operation program module is connected to the first KVB docking device through a KVB.
Further, the database element module comprises a database type module, a database instance module, a database account module, an operation type (add, delete, modify, query) module, a database table module, a database field module and a data record module.
Further, the interface interaction element module comprises an interface window, a user operation event, an interface input item and an interface output item.
Further, the network instruction element module comprises an instruction packetization module, an instruction category segmentation module, an instruction content segmentation module and an instruction pairing module.
Furthermore, the second KVB docking device is connected to the database internal proxy module through a KVB.
Compared with the prior art, the invention has the following beneficial effects:
(1) without compromising the security of the original system's closed network, auditing of the original system is realized;
(2) without compromising the security of the original system's closed network, an interface interaction model based on the presentation layer is established and the corresponding data items are acquired;
(3) without compromising the security of the original system's closed network, a network instruction model based on the network instructions of the business layer and the data layer is established, and the data in it is extracted by parsing the corresponding instructions;
(4) without compromising the security of the original system's closed network, a database model based on the data layer is established and the data of the database network instructions is obtained;
(5) where the original system architecture allows, a database proxy server is established, allowing an external system to acquire data in the original system's database directly by non-network penetration.
Based on the above capabilities, the capabilities of KVB simulation operation fusion, database docking fusion and presentation layer reconstruction fusion are provided.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings required in the embodiments are briefly described below. The drawings described below are only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1: system architecture diagram of system fusion based on non-network penetration, according to an embodiment of the present invention;
FIG. 2: system network structure diagram of system fusion based on non-network penetration, according to an embodiment of the present invention;
FIG. 3: interface frame of the embodiment, login window;
FIG. 4: interface frame of the embodiment, warehouse shelf management;
FIG. 5: interface frame of the embodiment, new warehouse and shelf;
FIG. 6: interface frame of the embodiment, new shelf interval;
FIG. 7: interface frame of the embodiment, modify shelf interval;
FIG. 8: interface frame of the embodiment, material summary query;
FIG. 9: interface frame of the embodiment, replenishment warehousing management;
FIG. 10: interface frame of the embodiment, new article warehousing management;
FIG. 11: interface frame of the embodiment, material pickup management;
FIG. 12: network instruction of the embodiment, login window login button HTTP network instruction request;
FIG. 13: network instruction of the embodiment, login window login button HTTP network instruction response (success);
FIG. 14: network instruction of the embodiment, login window login button HTTP network instruction response (failure);
FIG. 15: network instruction of the embodiment, login window login button TCP/JSON network instruction request;
FIG. 16: network instruction of the embodiment, login window login button TCP/JSON network instruction response (success);
FIG. 17: network instruction of the embodiment, login window login button TCP/JSON network instruction response (failure);
FIG. 18: database request querying the password corresponding to an account;
FIG. 19: result returned by the database for the account and password query;
FIG. 20: database instance information;
FIG. 21: database operation information;
FIG. 22: summarized database operation information;
FIG. 23: establishing the database model t_account;
FIG. 24: control elements of the login interface;
FIG. 25: system interface area of the login interface;
FIG. 26: feature data of the login interface;
FIG. 27: node flow diagram of the internal warehouse management system;
FIG. 28: network instruction model;
FIG. 29: correspondence among interface interactions, network instructions and database instructions;
FIG. 30: data records of the closed business system model.
Reference numerals:
110. closed business system presentation layer operation program module; 120. closed business system business layer back-end service module; 130. closed business system data layer database module; 140. database and network traffic audit module; 150. database internal proxy module; 210. first KVB docking device; 211. second KVB docking device; 310. artificial intelligence video image decoding and recognition module; 410. screen behavior data module; 420. network traffic data and database instruction primary flow module; 510. merge analysis module; 610. interface interaction element determination module; 611. interface interaction element module; 620. network instruction element determination module; 621. network instruction element module; 630. database instruction element determination module; 631. database element module; 710. interface interaction primary flow module; 720. network instruction primary flow module; 810. interface interaction path diagram intelligent analysis module; 820. instruction packet slice matching intelligent analysis module; 910. interface interaction model module; 920. network instruction model module; 930. database model module; 1010. cross intelligent analysis module; 1110. closed business system model module; 1210. presentation layer reconstruction fusion module; 1220. database docking fusion module; 1230. KVB simulation operation fusion module; 1240. database external access proxy service module.
Detailed Description
The invention is further described with reference to the following drawings and detailed description:
Embodiment:
Referring to FIGS. 1-30, a system for system fusion based on non-network penetration according to an embodiment of the present invention includes a closed business system presentation layer operation program module 110 and a database external access proxy service module 1240. The closed business system presentation layer operation program module 110 is connected with a first KVB docking device 210, a closed business system business layer back-end service module 120, and a database and network traffic audit module 140. The first KVB docking device 210 is connected with an artificial intelligence video image decoding and recognition module 310, which is connected with a screen behavior data module 410. The closed business system business layer back-end service module 120 is connected with a closed business system database module 130 and with the database and network traffic audit module 140. The database and network traffic audit module 140 is connected with a network traffic data and database instruction primary flow module 420. The network traffic data and database instruction primary flow module 420 and the screen behavior data module 410 are both connected with a merge analysis module 510, which is connected with an interface interaction element determination module 610 and a network instruction element determination module 620. The network traffic data and database instruction primary flow module 420 is further connected with a database instruction element determination module 630, which is connected with a database element module 631, which is connected with a database model module 930. The interface interaction element determination module 610 is connected with an interface interaction element module 611, which is connected with an interface interaction primary flow module 710, which is connected with an interface interaction path diagram intelligent analysis module 810, which is connected with an interface interaction model module 910. The network instruction element module 621 is connected with a network instruction primary flow module 720, which is connected with an instruction packet slice matching intelligent analysis module 820, which is connected with a network instruction model module 920. The database model module 930, the interface interaction model module 910 and the network instruction model module 920 are all connected with a cross intelligent analysis module 1010, which is connected with a closed business system model module 1110. The closed business system model module 1110 is connected with a presentation layer reconstruction fusion module 1210, a database docking fusion module 1220 and a KVB simulation operation fusion module 1230. The database external access proxy service module 1240 is connected with a second KVB docking device 211, which is connected with a database internal proxy module 150, which is connected with the closed business system database module 130.
The "closed business system presentation layer operation program module 110" represents the interactive interface system that business personnel operate on a front-end operating terminal of the original system in the closed network. The "closed business system business layer back-end service module 120" represents a back-end service in the closed network; it mainly receives network instructions from the front-end interactive interface system, processes them according to business logic, and then requests data operations from the data layer database through network instructions. The "closed business system database module 130" represents a database in the closed network; it mainly receives data operation network instructions from the business layer back-end service and then changes the data in persistent storage.
The "database and network traffic audit module 140" is a standardized product in the current information security industry and can also be split into two independent products: (1) database audit; (2) network traffic audit. The database audit function monitors all network instructions addressed to a target database in the monitored network environment and obtains the specific operation instructions by parsing the protocol. The network traffic audit function monitors and records the network traffic data packets in the monitored network environment that meet conditions such as source, target and protocol.
After the database audit has produced the "network traffic data and database instruction primary flow module 420", a complete "database model module 930" can be built up step by step through accumulated learning in the following series of steps.
a) Database auditing can capture the database operation requests sent by the closed business system business layer back-end service module 120 to the closed business system database module 130 (see FIG. 18: database request querying the password corresponding to an account), and can capture the database operation results returned from the closed business system database module 130 to the closed business system business layer back-end service module 120 (see FIG. 19: result returned by the database for the account and password query). Database auditing can also capture information about the database instance used by the database connection corresponding to a database operation request (see FIG. 20: database instance information).
b) The "database instruction element determination module 630" performs syntactic analysis on the database operation requests (see FIG. 18) and the database operation results (see FIG. 19) in the "network traffic data and database instruction primary flow module 420", and obtains further database operation details (see FIG. 21: database operation information). After the database instance information and the database operation information are merged, the "database element module 631" is obtained, containing the following key information: database type, database instance, database account, operation type (add, delete, modify, query), database table, database field and data record.
c) The captured database operation requests and the corresponding database operation results are collected by database instance and database table, and the requests and results for the same database table are summarized together (see FIG. 22: summarized database operation information). Taking the set union of the fields seen in each operation yields all the fields acquired and forms a basically complete database table structure model. Modeling and collecting the records obtained from each database operation yields the corresponding records for the whole audit period; these are included in the data table as its data records, forming a database table model with data records (see FIG. 23: establishing the database model t_account).
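The accumulation in steps a) to c), as an added example that is not part of the patent: each audited statement is reduced to its database elements (operation type, table, fields), and the per-table field sets are unioned into a table model. The record layout, the simplified regular-expression parser, and every name except the table `t_account` are assumptions; the audit records are constructed.

```python
import re
from collections import defaultdict

# Constructed audit records (assumed layout): one captured request plus the
# result rows the database returned for it.
AUDIT_RECORDS = [
    {"db_type": "mysql", "instance": "wms", "account": "app",
     "sql": "SELECT password FROM t_account WHERE account = 'alice'",
     "rows": [{"password": "constructed-hash"}]},
    {"db_type": "mysql", "instance": "wms", "account": "app",
     "sql": "INSERT INTO t_account (account, password, role) VALUES ('bob', 'x', 'clerk')",
     "rows": []},
    {"db_type": "mysql", "instance": "wms", "account": "app",
     "sql": "UPDATE t_account SET last_login = '2021-05-01' WHERE account = 'bob';",
     "rows": []},
    {"db_type": "mysql", "instance": "wms", "account": "app",
     "sql": "DELETE FROM t_shelf WHERE shelf_id = 7",
     "rows": []},
]

IDENT = r"[A-Za-z_][A-Za-z0-9_]*"
STRING_LITERAL = re.compile(r"'(?:[^']|'')*'")
# A column name directly followed by a comparison or assignment operator.
COMPARED = re.compile(rf"\b({IDENT})\b\s*(?:=|<>|!=|<=|>=|<|>|LIKE\b|IN\b)", re.I)
# Single-table statements only; anything else is left unparsed.
PATTERNS = [
    ("query", re.compile(
        rf"^SELECT\s+(?P<cols>.+?)\s+FROM\s+(?P<table>{IDENT})"
        rf"(?:\s+WHERE\s+(?P<where>.+))?$", re.I | re.S)),
    ("add", re.compile(
        rf"^INSERT\s+INTO\s+(?P<table>{IDENT})\s*\((?P<cols>[^)]*)\)", re.I)),
    ("modify", re.compile(
        rf"^UPDATE\s+(?P<table>{IDENT})\s+SET\s+(?P<set>.+?)"
        rf"(?:\s+WHERE\s+(?P<where>.+))?$", re.I | re.S)),
    ("delete", re.compile(
        rf"^DELETE\s+FROM\s+(?P<table>{IDENT})(?:\s+WHERE\s+(?P<where>.+))?$",
        re.I | re.S)),
]


def parse_statement(sql):
    """Return {'op', 'table', 'fields'} for one statement, or None."""
    # Replace string literals first so their contents are never read as fields.
    text = STRING_LITERAL.sub("?", sql).strip().rstrip(";")
    for op, pattern in PATTERNS:
        m = pattern.match(text)
        if not m:
            continue
        groups = m.groupdict()
        fields = set()
        for col in (groups.get("cols") or "").split(","):
            named = re.fullmatch(rf"({IDENT})(?:\s+AS\s+{IDENT})?", col.strip(), re.I)
            if named:  # skips '*', function calls and expressions
                fields.add(named.group(1).lower())
        for clause in (groups.get("set"), groups.get("where")):
            if clause:
                fields |= {name.lower() for name in COMPARED.findall(clause)}
        return {"op": op, "table": m.group("table").lower(), "fields": fields}
    return None


def build_database_model(records):
    """Union fields and collect records per (db_type, instance, table)."""
    model = defaultdict(lambda: {"fields": set(), "ops": set(),
                                 "accounts": set(), "records": []})
    for rec in records:
        element = parse_statement(rec["sql"])
        if element is None:
            continue  # unparsed statements contribute nothing to the model
        entry = model[(rec["db_type"], rec["instance"], element["table"])]
        entry["fields"] |= element["fields"]
        entry["ops"].add(element["op"])
        entry["accounts"].add(rec["account"])
        for row in rec["rows"]:
            entry["fields"] |= set(row)   # result columns are fields too
            entry["records"].append(row)
    return dict(model)
```

Three statements against `t_account` are enough to recover four of its columns and one stored record, which is the sense in which the model grows with the length of the audit period.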
For the operation process of the "closed business system presentation layer operation program module 110", network isolation security is preserved: the video signal of the computer running the "closed business system presentation layer operation program module 110" is obtained through the "first KVB docking device 210". Because the monitoring is one-way data acquisition, it is only necessary to dock with that computer through the video interface, and data is output one way to the computer running the "artificial intelligence video image decoding and recognition module 310". Then, through the following series of steps, a complete "interface interaction model module 910" can be built up step by step through accumulated learning.
a) The "artificial intelligence video image decoding and recognition module 310" captures all the data displayed on the screen of the computer running the "closed business system presentation layer operation program module 110", decodes it to obtain the data of each frame, and then uses artificial intelligence image recognition to obtain the feature data in the frame picture, including but not limited to: region segmentation of the picture, window boundaries (see the window concept in Windows operating system core programming), control elements (header, font, minimize icon, zoom icon, close icon, prompt text), input components (input box, drop-down box, check box, etc.), output components (text, text box, form, picture), and other common interface interaction components. The data captured from the login window of FIG. 3 (interface frame of the embodiment) can be analyzed to obtain the following screen behavior data: FIG. 24: control elements of the login interface; FIG. 25: system interaction interface area of the login interface; FIG. 26: feature data of the login interface.
b) After recognition is complete, a description of the interface's interactive content is formed in a digital format; this information is here named the "screen behavior data module 410" (see the feature data of the login interface).
c) The merge analysis module 510 completely captures, decodes and recognizes the interface frames of the embodiment, namely the login window (FIG. 3), warehouse shelf management (FIG. 4), new warehouse and shelf (FIG. 5), new shelf interval (FIG. 6), modify shelf interval (FIG. 7), material summary query (FIG. 8), replenishment warehousing management (FIG. 9), new article warehousing management (FIG. 10) and material pickup management (FIG. 11), and successfully parses the feature data in them. Through model induction over the browser window titles and the corresponding feature data of each interface, the corresponding process nodes are obtained: login window, warehouse shelf management, new warehouse and shelf, new shelf interval, modify shelf interval, material summary query, replenishment warehousing management, new article warehousing management and material pickup management.
In this process, the interface interaction element determination module 610 continuously accumulates and learns from the acquired interface data, gradually forming an accurate list of interface interaction elements and a highly reliable determination rule for the screen behavior data and interface interaction features of each process node. It reaches highly accurate determinations of each node's interface window area, user operation events (button click, menu click, input and other types of operation), interface input items and interface output items, and so forms the data records of the interface interaction element module 611.
d) The interface interaction primary flow module 710 is a time-ordered record of each node in the whole operation process. After summarization, nodes of the same kind are merged: the several warehouse shelf management interfaces that appear at different times are all summarized into one warehouse shelf management step node, and the transition events within it (button click events and menu click events) are classified and linked.
e) The "interface interaction path diagram intelligent analysis module 810" induces the mouse click events of each node's interface operation process from mouse cursor dwell, button appearance changes and menu appearance changes, combines them with logical judgment of the interface transitions, and merges click events on the same button or menu, so that a flow chart of the nodes can be built (see FIG. 27: node flow diagram of the internal warehouse management system), thereby obtaining the "interface interaction model module 910".
After the network flow audit obtains the network flow data and database instruction primary flow module 420, through the following series of steps, a complete network instruction model module 920 can be gradually established through accumulation learning.
a) The network traffic audit can capture the network traffic data packets sent by the closed service system presentation layer operating program module 110 to the closed service system service layer back-end service module 120 (see fig. 12, login window login button HTTP network command request, and fig. 15, login window login button TCP/JSON network command request), and the network traffic data packets returned by the closed service system service layer back-end service module 120 to the closed service system presentation layer operating program module 110 (see fig. 13, login window login button HTTP network command response successful; fig. 16, login window login button TCP/JSON network command response successful; and fig. 17, login window login button TCP/JSON network command response failed). This process forms the "network traffic data preliminary flow" in the "network traffic data and database instruction preliminary flow module 420".
b) The packets of general network commands are separated in clear and repeatable ways. With HTTP commands, for example, one established connection carries a request and its corresponding response. With TCP commands over a long connection, when access pressure is low there are obvious back-and-forth "request-response" pairs in the timing. With TCP commands over a long connection with concurrent No-Delay interaction, each complete command usually carries specific start and end flags, such as a '\x01' start flag and a '\x01' end flag, or a header in a specific format such as <Cmd:4Bytes><Serial:4Bytes><Len:4Bytes> followed by a <Body:N Bytes> of the corresponding length.
c) A general network command has strict syntax rules for the segments in the command. An HTTP request, for example, is divided into an explicit Header and Body, and the Header assembles each item as "Header ItemName + ' + Header ItemValue + '\n' + '\r'".
d) A general network command has strict syntax rules for the segments in the command. For example, in the JSON format, a 'Key-Value packet' is used as a basic unit, and then the basic unit is encapsulated layer by layer through a tree structure.
e) The system can identify the instructions of the target system either by accumulating the decoding standards of the various common instruction packaging modes or, with manual assistance, by having the data packet decoding rule specified as a rule.
f) By comparing and classifying the instructions captured from the same target system, the system can identify the command word segments in them, such as the URL command word "POST/system/Login" in the login window login button HTTP network command request of fig. 12, and "Command": "Login" in the login window login button TCP/JSON network command request of fig. 15.
g) By comparing and classifying instructions with the same command word captured from the same target system, parameter segments can be identified, such as 'UserName': 'administerer' and 'passed': 'Pwd_123456' in the login window login button TCP/JSON network instruction request of fig. 15.
h) Instruction pairing means matching each 'request-response' group, and is performed mainly according to the protocol type. For HTTP, the request and the response within one session are paired directly. For TCP determined to be using DELAY mode, requests and responses are paired in time sequence. For TCP determined to be using NO-DELAY mode, they should be paired by time sequence plus the <Serial> packet sequence number. Other pairing logic is set according to the corresponding rules.
i) The "merge analysis module 510" first forms a basic network instruction element judgment based on the above packet-splitting and segmenting methods, and for each network instruction generates the corresponding data of the "network instruction element module 621": instruction packet splitting, instruction category segment, instruction content segment and instruction pairing.
j) In the preliminary identification of all network instruction data, it is not yet necessary to identify every parameter segment of the instruction content. The main work is to complete instruction packet splitting, the instruction category (the command type), the instruction content (the instruction data payload) and instruction pairing, from which the network instruction primary flow module 720 can be formed.
k) The "instruction packet slice matching intelligent analysis module 820" relies on the "interface interaction primary pipeline module 710" for the time-sequence record of each node over the whole operation process, and on the "interface interaction element module 611" for each node's interface window, user operation events, interface input items and their content, and interface output items and their content. Using the packet-splitting rule of the current instruction packet, it compares the data of the "interface interaction element module 611" with the corresponding network instruction: in particular, the content of the input items with the parameter segments of the request instruction packet, and the content of the output items with the parameter segments of the response instruction packet. For example, "administerer" in the login window login button TCP/JSON network command request of fig. 15 corresponds to the data "administerer" of the input item "login account" in the login window of the interface frame of the fig. 3 embodiment. If the input item "login Password" in that login window is displayed in plain text rather than masked with asterisks, it corresponds to "passed": "Pwd_123456" in the network instruction request.
l) Through the above process, the network commands that share commonality are paired to form the "network command model module 920" (see fig. 28, network command model).
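The packet splitting of step b) and the pairing rules of step h), as an added Python example that is not part of the patent: it cuts a captured TCP stream in the <Cmd:4Bytes><Serial:4Bytes><Len:4Bytes><Body:N Bytes> format into frames and pairs requests with responses by time order and by <Serial>. The big-endian byte order, the JSON body, the names `Splitter`, `pair_by_serial` and `pair_by_time`, and the sample capture are assumptions of this example.

```python
import json
import struct
from dataclasses import dataclass

# Header layout from the text: <Cmd:4Bytes><Serial:4Bytes><Len:4Bytes><Body:N Bytes>.
# Assumptions (not stated on the page): unsigned big-endian fields, JSON body.
HEADER = struct.Struct(">III")
MAX_BODY = 1 << 20  # assumed sanity bound; a larger Len means the decoding rule is wrong


@dataclass(frozen=True)
class Frame:
    ts_ms: int       # capture time of the segment that completed the frame
    direction: str   # "req" (presentation layer to back end) or "resp"
    cmd: int
    serial: int
    body: bytes

    @property
    def command_word(self):
        """Command word segment such as "Login", or None if the body is not a JSON object."""
        try:
            return json.loads(self.body).get("Command")
        except (ValueError, AttributeError):
            return None


class Splitter:
    """Cuts one direction of a TCP stream into frames, whatever the segmentation."""

    def __init__(self, direction):
        self.direction = direction
        self.buf = bytearray()

    def feed(self, ts_ms, chunk):
        self.buf += chunk
        out = []
        while len(self.buf) >= HEADER.size:
            cmd, serial, length = HEADER.unpack_from(self.buf)
            if length > MAX_BODY:
                raise ValueError(f"implausible Len={length}; stream is not in this format")
            end = HEADER.size + length
            if len(self.buf) < end:
                break  # body not fully captured yet; wait for the next segment
            body = bytes(self.buf[HEADER.size:end])
            out.append(Frame(ts_ms, self.direction, cmd, serial, body))
            del self.buf[:end]
        return out


def pair_by_serial(frames):
    """NO-DELAY pairing: walk frames in time order and match on <Serial>."""
    pending, pairs, orphans = {}, [], []
    for f in sorted(frames, key=lambda f: f.ts_ms):
        if f.direction == "req":
            pending[f.serial] = f
        elif f.serial in pending:
            pairs.append((pending.pop(f.serial), f))
        else:
            orphans.append(f)  # response whose request was never captured
    return pairs, orphans + list(pending.values())


def pair_by_time(frames):
    """DELAY pairing: each response answers the oldest unanswered request."""
    queue, pairs = [], []
    for f in sorted(frames, key=lambda f: f.ts_ms):
        if f.direction == "req":
            queue.append(f)
        elif queue:
            pairs.append((queue.pop(0), f))
    return pairs


def build(cmd, serial, obj):
    """Encode one frame (used only to construct the sample capture)."""
    body = json.dumps(obj).encode()
    return HEADER.pack(cmd, serial, len(body)) + body


def demo():
    # Constructed capture (not taken from the patent figures): two concurrent
    # requests answered out of order, the first header split across two segments.
    login = build(1, 101, {"Command": "Login", "UserName": "demo-user"})
    query = build(2, 102, {"Command": "Query", "Table": "shelf"})
    client, server = Splitter("req"), Splitter("resp")
    frames = []
    frames += client.feed(1000, login[:5])
    frames += client.feed(1001, login[5:] + query)
    frames += server.feed(1010, build(2, 102, {"Result": "rows"}))
    frames += server.feed(1020, build(1, 101, {"Result": "ok"}))
    frames += server.feed(1030, build(9, 999, {"Result": "push"})[:-3])  # truncated tail
    return frames, client, server


if __name__ == "__main__":
    frames, _, server = demo()
    for req, resp in pair_by_serial(frames)[0]:
        print(req.command_word, req.serial, "->", json.loads(resp.body))
    print("bytes still buffered on the response side:", len(server.buf))
```

On this capture `pair_by_time` attaches the response for Serial 102 to the Login request, which is the mispairing that the <Serial> rule for NO-DELAY mode avoids.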
The "cross intelligent analysis module 1010" performs inspection and analysis on the currently obtained interface interaction model module 910, the corresponding interface interaction preliminary flow module 710, the network instruction model module 920, the network instruction preliminary flow module 720, the database model, the network traffic data and database instruction preliminary flow module 420 and other data based on the time sequence, and then forms a "closed business system model module 1110".
a) Because the occurrence times in the flow records are highly precise (accurate to the millisecond or better), the correspondence between interface interaction operation events, network instructions and database instructions can be obtained by comparing how their distributions converge, based on information such as the classification of each node's operation events in the interface interaction model, the instruction category segments of the network instructions in the network instruction model, and the add/delete/modify type, database table and database field of the database operation information in the database model. See fig. 29 for the correspondence between interface interaction, network commands and database commands. After the data records of the relationship among the three are formatted, a further data model, the closed business system model module 1110, is obtained; see the closed business system model data records of fig. 30.
b) Based on the data records of the closed service system model module 1110, the interface communication flow, network instruction flow and database instruction flow produced over the whole running process of the closed system are all identified, summarized and mapped to the standardized records of the closed service system model module 1110. The running time, parameter data, result data and so on in those flows are then stored in association, yielding complete records for retrospective tracing and simulated reproduction.
Based on the obtained "closed service system model module 1110", the following multiple reconstructions can be developed to realize system module replacement of different layers and realize fusion access to the original system.
a) The "presentation layer reconstruction fusion module 1210" takes the "interface interaction model module 910" as the interface prototype, according to the interface interaction content in the "closed service system model module 1110". The corresponding presentation layer code can be rebuilt by methods such as manual writing or low-code generation so that it basically matches the prototype and implements the main input and output items of the "interface interaction model module 910", and the data of those input and output elements is submitted together with the other operation events, such as mouse clicks and button submissions. Input events call the corresponding instruction in the "network instruction model module 920", and output events, such as updating the content of a text box, follow the corresponding instruction response in the "network instruction model module 920". Based on the system model obtained earlier, system reconstruction is thus achieved by rebuilding the presentation layer code while integrating the original network instructions and the original database.
b) The database docking and merging module 1220 sorts out the service logic from the interface interaction model, the network instruction model, the database model and the correspondence among the three in the closed service system model module 1110, forming a design document for the current closed service system. Based on that design document, the original interface interaction code and network instruction code can be abandoned: the service presentation layer interaction and the network instruction interaction are implemented afresh on a current technical architecture and available framework code, the existing data of the original system is carried over through a new database access framework or API, and the original service system is replaced by the new service system. This implementation supports simultaneous access to the same database by the original closed service system and the newly implemented service system. It also completely removes the limitation that the code of the original closed service system is not open and cannot undergo secondary development: service functions can be extended as needed in the newly implemented service system, and new data objects can even be added to the original database, giving the original system entirely new service functions.
c) The KVB simulation operation fusion module 1230 does not replace any code module in the original closed service system. Instead, a proxy computer is attached in parallel with, or in place of, the keyboard input, the mouse input and the screen output image, and operates the original closed service system by simulating keyboard and mouse input. The control program of the proxy computer is driven by the obtained "closed business system model module 1110". Once the interface interaction model module 910 has formed a model and it is confirmed that the model covers the operation processes of the original closed service system, further normalization clearly sorts out, for each key process node, the identification rules for the output interface content, the input interface operation areas, and the corresponding operation result branches (operation success and operation failure). The result is a clear state-machine flow chart, a data-driven logic script similar to a compiler's, that the specially designed control program can understand and execute. The control program provides an external interface API designed around the service flow of the closed service system, which defines the fusion operation instructions for the closed service system, such as: 1, inserting a new data record into the closed business system; 2, querying the existing data records in the closed service system by condition; and 3, modifying a certain data record in the closed service system. The control program allows another system to issue a command to it through the external interface API; the control program receives, understands and executes the command within the scope agreed by the interface API, and the execution of the command acts on the closed service system, so that docking with the closed service system is achieved in a 'proxy' mode.
The control program performs input in the presentation layer interaction of the closed business system by simulating the input events of the keyboard and the data, thereby driving the closed business system to execute the business behavior of the preset logic and to output the operation result data through the preset logic. The control program reads and identifies that result data by recognizing the screen output image, and then responds to the other business system through the interface API.
The "database external access agent service module 1240" is mainly based on the "database model module 930" in the "closed business system model module 1110", and is based on the standardization of the database, so that the "access agent service" can be more easily provided in a standardized framework.
a) First, the number of mainstream database systems is very limited, and even when database versions from the same vendor differ, the data in them can be operated through the latest version of the interface API. Even where one vendor's database needs different versions of the interface API because of version differences, their number stays within a controllable range.
b) Based on the "database model module 930", the version of the database, the access account and password of the database instance, and the relevant connection parameters of the database instance are already available.
c) The current mainstream databases basically support dynamic access based on the technology of "database dynamic SQL" or by the technology of self-assembling SQL statements.
d) The "database internal agent module 150" is an agent program developed specifically to cope with network security and the network security constraints the database may have, such as allowing only computers from a specific source to use a certain access account and credential. It runs inside the environment of the closed business system, and so obtains a legitimate computer network node environment in which subsequent database access can proceed normally. The "database internal agent module 150" may execute specific database operation logic compiled after analysis of the business logic of the "closed business system model module 1110", such as a copy of a certain original database operation logic or a combination of several original database operation logics; it can also execute 'dynamic SQL'. When the closed service system needs no special network constraints, the "database internal agent module 150" can receive call requests from other service systems directly through a network interface API. To ensure that the network security of the closed service system is not affected, the "database internal agent module 150" also supports accepting calls from the external system through the "KVB docking device two 211". In KVB docking mode, the external system simulates keyboard and mouse input events to pass the request parameters, such as the dynamic SQL statement required by the call, into a specific interface interaction element of the "database internal agent module 150", such as a text box, entering them by a specific convention, such as ending with a semicolon ";", and then clicks the "execute" button with the mouse to inform the "database internal agent module 150" that the request has been delivered.
When the KVB docking mode is used, the external system identifies the execution result of the call request by monitoring and analyzing the screen output image, and extracts the result data. When the output data volume is large, the database internal agent module 150 outputs data in conventional ways such as a "text box with scroll bar" or a "form with page turning"; after analyzing the screen output image, the external system must then issue further mouse and keyboard events to trigger scroll bar movement, page turning and the like to obtain the subsequent data.
The "database external access proxy service module 1240" mainly accomplishes the following work:
(1) communicating with the computer where the database internal agent module 150 is located through the KVB docking device II 211, simulating mouse and keyboard operation events according to the current operation requirements and sending them to that computer; monitoring the screen image data of the database internal agent module 150 through the KVB docking device II 211 and analyzing it in real time to obtain data;
(2) monitoring whether the target computer has started the database internal agent module 150 and, if not, starting it on the target computer by simulating mouse and keyboard operation events through remote operation;
(3) waiting for the database internal agent module 150 to start and confirming that it has connected to the target database;
(4) providing a proxy service API and receiving access requests from external systems according to the API; for an agreed copy of an original database operation logic, a combination of original database operation logics and the like, sending an access request to the database internal agent module 150 for execution, then, after monitoring and obtaining the execution result, parsing the result data into digital data and responding to the external system; for dynamic SQL, receiving the SQL statement of the external system's operation request, sending an access request to the database internal agent module 150 for execution, then, after monitoring and obtaining the execution result, parsing the result data into digital data and responding to the external system;
(5) forming a local database mirror based on the database model, extracting all records of all database tables of the database in the closed business system through the database internal agent module 150 by periodic traversal, storing the records in the local database, and providing them to external systems for access through the local database.
By means of the above-mentioned solution of the present invention,
(1) under the condition of not destroying the safety of a closed network of the original system, the audit of the original system is realized;
(2) under the condition of not destroying the safety of a closed network of the original system, establishing an interface interaction model based on a presentation layer, and acquiring a corresponding data item;
(3) under the condition of not destroying the safety of a closed network of the original system, a network instruction model based on network instructions of a service layer and a data layer is established, and data in the network instruction model is extracted through corresponding instruction analysis;
(4) under the condition of not destroying the security of a closed network of an original system, a database model based on a data layer is established, and data of a database network instruction is obtained;
(5) under the condition that the original system architecture allows, a database proxy server is established, and an external system is allowed to directly acquire data in the original system database through a non-network penetration mode.
Based on the various capabilities, the capabilities of KVB simulation operation fusion, database docking fusion and presentation layer reconstruction fusion are provided.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (6)

1. A system based on non-network penetration system fusion is characterized by comprising a closed business system presentation layer operation program module (110) and a database external access agent service module (1240), wherein the closed business system presentation layer operation program module (110) is connected with a KVB (KVB) docking equipment I (210), a closed business system business layer back-end service module (120) and a database and network flow auditing module (140), the KVB docking equipment I (210) is connected with an artificial intelligent video image decoding and identifying module (310), the artificial intelligent video image decoding and identifying module (310) is connected with a screen behavior data module (410), the closed business system business layer back-end service module (120) is connected with a closed business system data layer database module (130), and the closed business system business layer back-end service module (120) is connected with the database and the network flow auditing module (140), the database and network flow auditing module (140) is connected with a network flow data and database instruction primary flow module (420), the network flow data and database instruction primary flow module (420) and the screen behavior data module (410) are both connected with a merging analysis module (510), the merging analysis module (510) is connected with an interface interaction element judgment module (610) and a network instruction element judgment module (620), the network instruction element judgment module (620) is connected with a network instruction element 621, the network flow data and database instruction primary flow module (420) is also connected with a database instruction element judgment module (630), the database instruction element judgment module (630) is connected with a database element module (631), and the database element module (631) is connected with a database model module (930), the interface interaction element judgment module (610) is connected with an interface interaction element module (611), the interface interaction element module (611) is connected with an interface interaction primary flow module (710), the interface interaction primary flow module (710) is connected with an interface interaction path diagram intelligent analysis module (810), the interface interaction path diagram intelligent analysis module (810) is connected with an interface interaction model module (910), the network instruction element module (621) is connected with a network instruction primary flow module (720), the network instruction primary flow module (720) is connected with an instruction sub-packaging slice matching intelligent analysis module (820), the instruction sub-packaging slice matching intelligent analysis module (820) is connected with a network instruction model module (920), and the database model module (930), the interface interaction model module (910) and the network instruction model module (920) are all connected with a cross intelligent analysis module (1010), the cross intelligent analysis module (1010) is connected with a closed business system model module (1110), the closed business system model module (1110) is connected with a presentation layer reconstruction fusion module (1210), a database docking fusion module (1220) and a KVB simulation operation fusion module (1230), the database external access proxy service module (1240) is connected with a KVB docking device II (211), the KVB docking device II (211) is connected with a database internal proxy module (150), and the database internal proxy module (150) is connected with the closed business system database module (130).
2. The system for non-network penetration based system convergence according to claim 1, wherein the closed service system presentation layer operating program module (110) is connected with a KVB first docking device (210) through a KVB.
3. The system of claim 1, wherein the database element module (631) comprises a database type module, a database instance module, the database account module, an add-delete-modify-check type module, a database table module, a database field module, and a data record module.
4. The system for non-network penetration based system fusion of claim 1, wherein the interface interactive element module (611) comprises an interface window, a user operation event, an interface input item and an interface output item.
5. The system for non-network penetration based system convergence according to claim 1, wherein the network command element module (621) comprises a command packet module, a command category segmentation module, a command content segmentation module and a command pairing module.
6. The system of claim 1, wherein the KVB second docking device (211) is connected with the database internal agent module (150) through a KVB.
CN202110561175.XA 2021-05-22 2021-05-22 System fusion system based on non-network penetration Active CN113282654B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110561175.XA CN113282654B (en) 2021-05-22 2021-05-22 System fusion system based on non-network penetration

Publications (2)

Publication Number Publication Date
CN113282654A (en) 2021-08-20
CN113282654B (en) 2022-07-22

Family

ID=77280864

Country Status (1)

Country Link
CN (1) CN113282654B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant