CN102082829A - Remote laboratory access control method - Google Patents
Remote laboratory access control method Download PDFInfo
- Publication number
- CN102082829A CN102082829A CN2011100088837A CN201110008883A CN102082829A CN 102082829 A CN102082829 A CN 102082829A CN 2011100088837 A CN2011100088837 A CN 2011100088837A CN 201110008883 A CN201110008883 A CN 201110008883A CN 102082829 A CN102082829 A CN 102082829A
- Authority
- CN
- China
- Prior art keywords
- user
- book keeping
- keeping operation
- experiment
- experimental
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention relates to a remote laboratory access control method. The method is characterized by comprising the following processing steps of: 1, carrying out authentication and authorization; 2, starting to keep an account; and 3, finishing the account keeping. The invention is reasonable in design, the authentication, authorization and account keeping functions between a user and an experiment table of a remote laboratory are realized by virtue of coordinative control among core control equipment, authentication, authorization and account keeping equipment, database equipment and terminal control equipment so as to realize remote access control on the laboratory, and the method in the invention has the characteristics of various functions, high safety and reliability, wide application range and low cost.
Description
Technical field
The invention belongs to areas of information technology, especially a kind of laboratory remote access control method.
Background technology
The contradiction of experiment fees anxiety, new Experiment Teaching Mode are explored solving that student's quantity significantly increases, valuable experimental facilities is shared in the tele-experimentation chamber and different universities or research unit between aspect such as trans-city transnational cooperation all be significant, especially the extensive use of the universal and Internet of current computer has been established good basis for the construction of tele-experimentation chamber.The control method of existing tele-experimentation chamber mainly contains:
1, uses the SSL VPN of router or multilayer switch to realize that user's login and user are improper and withdraw from monitoring.It adopts the SSL encapsulation technology, and user login information is encrypted, and can prevent effectively that user login information from leaking.The problem that this method exists is: need finish on router, multilayer switch or the server of specifying model, specify hardware configuration, cost is higher; Server end will be that the non-sensitive flow of operation experiments equipment adds, decryption processing to non-user login information flow, waste bandwidth resource and hardware resource; The user side program needs also to carry out that data add, decryption processing, and client device is had higher requirements; Can't connect virtual experimental equipment; Can't filter user's operation; Can't recording user operation; Book keeping operation generally begins to end to withdrawing from SSL VPN server device from login SSL VPN server device.
2, adopt router or specific model router and the octopus cable formation terminal control device realization reverse-telnet capability that has the asynchronous serial interface module.Under normal circumstances the user need be directly connected to the control port (console interface) of managed devices, and oppositely Telnet can be connected the managed devices control port with the terminal control device asynchronous serial interface, by the configurating terminal control appliance, the logic port of terminal control device is bound with the physics cable that is connected controlled device, realized once logining the purpose of many controlled terminal equipment of terminal control device management.The problem that this control method exists is: every cover experimental bench needs a terminal control device, the waste device resource; Can't distribute experimental bench by dynamic on-demand; Can't connect virtual environment; Can't filter user's operation; Can't recording user operation.
3, adopt product such as NETLAB, constitute the tele-experimentation chamber system by Unix or class Unix system.It provides the reservation experiment method, promptly uses the experimental bench authority automatically open user of the time of reservation, and subscription time finishes to stop automatically the mandate of user capture experimental bench and stops experiment by force.The problem that this control method exists is: the user can't grasp experimental period according to experiment process oneself; Experimental facilities only limits to particular vendor equipment; The price height, product supplier's maintenance cost height; Only for being used to connect experimental facilities in the local area network (LAN); Can't filter user operate; Can't connect virtual experimental equipment.
In sum, existing control method ubiquity cost height, narrow application range, be difficult to realize problem such as Certificate Authority book keeping operation (AAA) function.
Summary of the invention
The objective of the invention is to overcome the deficiencies in the prior art, provide a kind of reliable, with low cost, applied widely and can realize authentication, authorize and the laboratory remote access control method of book keeping operation (AAA) function.
The present invention solves its technical problem and takes following technical scheme to realize:
A kind of laboratory remote access control method comprises the steps:
Step 3, book keeping operation end process step.
And the described Certificate Authority treatment step of step 1 comprises:
(1) obtains user login information;
(2) obtain authentication, authorization message;
(3) obtain and to use experimental bench;
(4) cache user log-on message;
(5) feedback result is to the user.
And the described book keeping operation of step 2 begins treatment step and comprises following processing procedure: multiple person cooperational is tested first book keeping operation that begins experiment user and is begun the non-book keeping operation that first begins experiment user of processing procedure, multiple person cooperational experiment and begin processing procedure and single experiment book keeping operation beginning processing procedure.
And described multiple person cooperational is tested first book keeping operation that begins experiment user and is begun processing procedure and comprise the steps:
(1) obtains user request information;
(2) obtain user login information;
(3) start network status monitoring mechanism;
(4) obtain subscriber authorisation;
(5) obtain idle experimental bench inventory;
(6) obtain experimental bench and the essential information of corresponding experimental state monitoring equipment;
(7) preserve the incidence relation of user, experimental bench and the experimental group of cooperating;
(8) initialization experimental bench and corresponding experimental state monitoring equipment;
(9) be provided with the user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(10) experimental bench and corresponding experimental state monitoring equipment parameter are fed back to the user;
(11) book keeping operation beginning;
The non-book keeping operation beginning process that first begins experiment user of described multiple person cooperational experiment comprises the steps:
(1) obtains user request information;
(2) checking cooperation experimental group mandate;
(3) obtain user login information;
(4) start network status monitoring mechanism;
(5) obtain subscriber authorisation;
(6) obtain experimental bench and the essential information of corresponding experimental state monitoring equipment;
(7) preserve the incidence relation of user and the experimental group of cooperating;
(8) be provided with the user to experimental bench and the access permission of corresponding experimental state monitoring equipment
(9) experimental bench and corresponding experimental state monitoring equipment parameter are fed back to the user;
(10) book keeping operation beginning;
Described single experiment book keeping operation beginning process and multiple person cooperational are tested first book keeping operation that begins experiment user to begin processing procedure identical, and the experimental group of cooperating in this processing procedure includes only a people.
And the described book keeping operation end process of step 3 step comprises following processing procedure: the book keeping operation treatment step of normal termination and the book keeping operation treatment step of abnormal ending.
And, the book keeping operation treatment step of described normal termination comprises: multiple person cooperational experiment non-last withdraw from the user's of experiment the book keeping operation end process process of normal termination, multiple person cooperational is tested last user's who withdraws from experiment the book keeping operation end process process of normal termination and the book keeping operation end process process of single experiment normal termination, wherein:
The experiment of described multiple person cooperational non-last withdraw from the user's of experiment the book keeping operation end process process of normal termination, comprise the steps:
(1) obtains user request information;
(2) obtain user profile;
(3) stop network status monitoring mechanism;
(4) book keeping operation finishes;
(5) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(6) remove the incidence relation of user and the experimental group of cooperating;
(7) feedback result is to the user;
Described multiple person cooperational is tested the book keeping operation end process process of last normal termination of withdrawing from experiment user, comprises the steps:
(1) obtains user request information;
(2) obtain user login information;
(3) stop network status monitoring mechanism;
(4) book keeping operation finishes;
(5) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(6) record experimental implementation process and result and initialization apparatus;
(7) remove the incidence relation of user and the experimental group of cooperating;
(8) feedback result is to the user;
The book keeping operation end process process that the book keeping operation end process process and the multiple person cooperational of described single experiment normal termination tested last normal termination of withdrawing from experiment user is identical, and in this processing procedure, the cooperation experimental group includes only a people.
And, the book keeping operation treatment step of described abnormal ending comprises: multiple person cooperational experiment non-last withdraw from the user's of experiment the book keeping operation end process process of abnormal ending, multiple person cooperational is tested last user's who withdraws from experiment the book keeping operation end process process of abnormal ending and the book keeping operation end process process of single experiment abnormal ending, wherein:
The experiment of described multiple person cooperational non-last withdraw from the user's of experiment the book keeping operation end process process of abnormal ending, comprise the steps:
(1) monitors unusual off-line;
(2) obtain user login information;
(3) book keeping operation finishes;
(4) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(5) remove the incidence relation of user and the experimental group of cooperating;
Described multiple person cooperational is tested the book keeping operation end process process of last abnormal ending of withdrawing from experiment user, comprises the steps:
(1) monitors unusual off-line;
(2) obtain user login information;
(3) book keeping operation finishes;
(4) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(5) record experimental implementation process and result and initialization apparatus;
(6) remove the incidence relation of user and the experimental group of cooperating;
The book keeping operation end process process of described single experiment abnormal ending, the book keeping operation end process process of testing last abnormal ending of withdrawing from experiment user with multiple person cooperational is identical, and in this processing procedure, the cooperation experimental group includes only a people.
Advantage of the present invention and good effect are:
The present invention is reasonable in design, carry out the functions such as authentication, mandate, book keeping operation of the experimental bench of user and tele-experimentation chamber by the coordination control between the book keeping operation of core control equipment and Certificate Authority equipment, database facility and the terminal control device, thereby realize breadboard remote access controlled function, have feature richness, safe and reliable, the scope of application is extensive, characteristics such as with low cost.
Description of drawings
Fig. 1 is a laboratory remote access control system connection diagram, wherein: Fig. 1-the 1st, the part 1 connection diagram of laboratory remote access control system, Fig. 1-2 is the part 2 connection diagram of laboratory remote access control system;
Fig. 2 is the flow chart of authentication and authorisation process step;
Fig. 3 is the flow chart of book keeping operation beginning treatment step, wherein: Fig. 3-the 1st, multiple person cooperational test first book keeping operation that begins experiment user and begin process flowchart (part 1), Fig. 3-the 2nd, multiple person cooperational test first book keeping operation that begins experiment user and begin process flowchart (part 2), and Fig. 3-the 3rd, multiple person cooperational test first book keeping operation that begins experiment user and begin process flowchart (the 3rd part); Fig. 3-the 4th, the non-book keeping operation that first begins experiment user of multiple person cooperational experiment begins process flowchart (part 1), Fig. 3-the 5th, the non-book keeping operation that first begins experiment user of multiple person cooperational experiment begins process flowchart (part 2);
Fig. 4 is the flow chart of book keeping operation end process step, wherein, Fig. 4-the 1st, the book keeping operation end process process flow diagram of normal termination, Fig. 4-the 2nd, multiple person cooperational experiment non-last withdraw from the user's of experiment the book keeping operation end process process flow diagram of normal termination, Fig. 4-the 3rd, multiple person cooperational test the book keeping operation end process process flow diagram of last user's who withdraws from experiment normal termination; Fig. 4-the 4th, the book keeping operation end process process flow diagram of abnormal ending, Fig. 4-the 5th, multiple person cooperational experiment non-last withdraw from the user's of experiment the book keeping operation end process process flow diagram of abnormal ending, Fig. 4-the 6th, multiple person cooperational test the book keeping operation end process process flow diagram of last user's who withdraws from experiment abnormal ending.
Embodiment
Below in conjunction with accompanying drawing the embodiment of the invention is further described.
A kind of laboratory remote access control method is to realize on laboratory remote access control system as shown in Figure 1.This laboratory remote access control system is made up of portal service equipment, network status monitoring equipment, Certificate Authority book keeping operation equipment, core control equipment, database facility, log services equipment, experimental bench, terminal control device, experimental state monitoring equipment and experimental state monitoring terminal control appliance.Core control equipment is connected with log services equipment; Core control equipment and log services equipment are connected with portal service equipment, network status monitoring equipment, Certificate Authority book keeping operation equipment, database facility, terminal control device and experimental state monitoring terminal control appliance respectively; Terminal control device is connected with each experimental bench; Experimental state monitoring terminal control appliance is connected with each experimental state monitoring equipment.Equipment in the remote access control system of laboratory is made up of the computer that functional software is housed, and comprises following three kinds of situations: first kind of situation, and a computer constitutes hardware environment, and installs and realize repertoire software; Second kind of situation, many computers constitute hardware environment, and wherein the part computer is installed a plurality of functional software; The third situation, many computers constitute hardware environment, and every computer is installed a kind of functional software.Employed computer connects by network in the system.
The function that each equipment in the remote access control system of laboratory is realized respectively is as follows:
The major function of portal service equipment is: provide visual user interface, for the user provides human-computer interaction interface.
The major function of network status monitoring equipment is: the network connection state of real-time monitor user ' and native system in experiment is carried out, trigger for native system provides operation when the unusual off-line of user.
The major function of Certificate Authority book keeping operation equipment is: realize authentication (Authentication), authorize (Authorization) and book keeping operation (Accounting) function.
The major function that core control equipment is realized is: 1, concern between each function device in the coherent system; 2, communication data message between each function device is carried out format conversion; 3, initialization experimental facilities and experimental state monitoring equipment; 4, the availability of test experience platform and experimental state monitoring equipment; 5, send access permission to terminal control device and experimental state monitoring terminal control appliance; 6, the backup user configuration information is to database facility; 7, read user's config archive and return to experimental bench from database facility.
The major function of database facility is: the related data of preserving native system.
The major function of log services equipment is: for all or part equipment in the native system provides the log services function, recording operation process and result are in order to tracing system ruuning situation.
Experimental bench is made up of one or more experimental facilities.Experimental facilities by true physical equipment or/and computer virtualized equipment or/and the computer of virtual software be housed form.The control interface of true physical equipment directly is connected with terminal control device, the control interface of computer virtualized equipment is connected with terminal control device by virtual host's main frame, and the computer that the control interface of computer virtualized software passes through to be loaded is connected with terminal control device; Interconnect according to the experiment needs between each experimental facilities.
The major function of terminal control device is: the access control and the Data Format Transform that provide the user to be connected to experimental facilities.
The major function of experimental state monitoring equipment is: gather and provide information and data in the experimentation to the user.
The major function of experimental state monitoring terminal control appliance is: the access control and the Data Format Transform that provide the user to arrive the experimental state monitoring equipment.
The method of operation of a kind of laboratory remote access control system comprises the steps:
Step 1: authentication and authorisation process step, as shown in Figure 2, this step comprises following processing procedure:
(1) obtain user login information:
A) user is committed to portal service equipment with logon information;
B) portal service equipment is delivered to core control equipment with the user login information of receiving;
(2) obtain authentication, authorization message:
A) core control equipment is delivered to Certificate Authority book keeping operation equipment with user login information;
B) Certificate Authority book keeping operation equipment sends instruction to database facility, authentification of user, authorization message that inquiry has been preserved;
C) database facility returns Query Result;
D) log-on message of the authentication information preserved by comparison database of Certificate Authority book keeping operation equipment and user's input, determine that user login information is effective after, this information and authorized user message are delivered to core control equipment;
(3) obtain and can use experimental bench:
A) core control equipment extracts and to license the experimental bench type information in the authorized user message;
B) core control equipment sends instruction to database facility, and the inquiry active user licenses the experimental bench type and whether has idle experimental bench;
C) database facility returns Query Result;
(4) cache user log-on message:
A) core control equipment sends instruction to database facility, preserves user login information;
B) database facility is preserved information, and the result of return success;
(5) feedback result is to the user:
A) core control equipment is delivered to portal service equipment with the information of authorized user message and " having the idle experimental bench of licensing ";
B) portal service equipment is given the user with the feedback information of receiving.
First kind of situation: multiple person cooperational is tested first book keeping operation that begins experiment user and is begun processing procedure, shown in Fig. 3-1, Fig. 3-2, Fig. 3-3, comprises the steps:
(1) obtain user request information:
A) user selects the experimental bench license;
B) user selects experimental bench acquiescence initiation parameter or User Defined initiation parameter;
C) user is provided with cooperation experimental group title and licencing key;
D) user is committed to portal service equipment with the solicited message among step a, b, the c;
E) portal service equipment is delivered to core control equipment with user's request and user network state information;
(2) obtain user login information:
A) core control equipment sends instruction to database facility, the user login information of preserving during the inquiring user login;
B) database facility returns Query Result;
(3) start network status monitoring mechanism:
A) core control equipment is delivered to network status monitoring equipment with user login information, user network state information and the request of startup network status monitoring;
B) the network status monitoring device start is to user's network status monitoring;
C) core control equipment sends instruction to database facility, preserves the information at " book keeping operation begin to carry out in " mark of active user;
D) database facility is preserved information, and the result of return success;
(4) obtaining the active user authorizes:
A) core control equipment is delivered to Certificate Authority book keeping operation equipment with user login information;
B) Certificate Authority book keeping operation equipment sends instruction to database facility, the inquiring user authorization message;
C) database facility returns Query Result;
D) Certificate Authority book keeping operation equipment is delivered to core control equipment with authorized user message;
E) core control equipment determines that by the experimental bench of the use of applying in comparison authorized user message and the user request information user has authority to use the experimental bench of the use of applying for;
(5) obtain idle experimental bench inventory:
A) core control equipment sends instruction to database facility, and whether the experimental bench type that inquiring user is applied for exists idle experimental bench;
B) database facility returns Query Result;
(6) obtain experimental bench and the essential information of corresponding experimental state monitoring equipment:
A) core control equipment is chosen a cover experimental bench from return results;
B) core control equipment sends instruction to database facility, and the state of revising selected experimental bench is " using ";
C) core control equipment sends instruction to database facility, inquiry institute apply for the use experimental bench essential information and the essential information of corresponding experimental state monitoring equipment;
D) database facility returns Query Result;
(7) preserve the incidence relation of user, experimental bench and the experimental group of cooperating:
A) core control equipment sends instruction to database facility, preserves following information;
1. the experimental group of cooperating title, cooperation experimental group licencing key;
2. the incidence relation of user and the experimental group of cooperating;
3. the incidence relation of experimental bench and the experimental group of cooperating;
B) database facility is preserved information, and the result of return success;
(8) initialization experimental bench and corresponding experimental state monitoring equipment:
A) core control equipment by terminal control device by the experimental facilities in the user's request initialization experimental bench;
B) the core control equipment status monitoring terminal control device initialization experimental state watch-dog corresponding by experiment with experimental bench;
(9) be provided with the user to experimental bench and the access permission of corresponding experimental state monitoring equipment:
A) core control equipment sends grant instruction to terminal control device, makes the user connect experimental bench by terminal control device;
B) core control equipment sends grant instruction to experimental state monitoring terminal control appliance, makes user's status monitoring terminal control device connection experimental state monitoring equipment by experiment;
(10) parameter with experimental bench and experimental state monitoring equipment feeds back to the user:
A) core control equipment is delivered to portal service equipment with experimental bench parameter and corresponding experimental state monitoring equipment parameter;
B) portal service equipment feedback information is to the user;
(11) book keeping operation beginning:
A) core control equipment begins to ask to deliver to Certificate Authority book keeping operation equipment with user login information and book keeping operation;
B) Certificate Authority book keeping operation equipment is kept accounts and is begun operation;
C) core control equipment sends instruction to database facility, and deletion is at the information of " book keeping operation begin to carry out in " mark of active user;
D) database facility deletion information, and the result of return success.
Second kind of situation: the non-book keeping operation that first begins experiment user of multiple person cooperational experiment begins processing procedure, shown in Fig. 3-4, Fig. 3-5, comprises the steps:
(1) obtain user request information:
A) user is committed to portal service equipment with multiple person cooperational experimental group title, licencing key and multiple person cooperational experiment request;
B) portal service equipment is delivered to core control equipment with information and user network state information that the user submits to;
(2) checking cooperation experimental group mandate:
A) core control equipment sends instruction to database facility, the inquiring user licencing key of experimental group of applying for cooperating;
B) database facility returns Query Result;
C) core control equipment is inputed password and database preservation password by the comparison user, determines that the user has the right to add the cooperation experimental group;
(3) obtain user login information:
A) core control equipment sends instruction to database facility, the user login information of preserving during the inquiring user login;
B) database facility returns Query Result;
(4) start network status monitoring mechanism:
A) nucleus equipment is delivered to network status monitoring equipment with user login information, user network state information and the request of startup network status monitoring;
B) the network status monitoring device start is to user's network status monitoring;
C) core control equipment sends instruction to database facility, preserves the information at " book keeping operation begin to carry out in " mark of active user;
D) database facility is preserved information, and the result of return success;
(5) obtain subscriber authorisation:
A) core control equipment is delivered to Certificate Authority book keeping operation equipment with user login information;
B) Certificate Authority book keeping operation equipment sends instruction to database facility, the inquiring user authorization message;
C) database facility returns Query Result;
D) Certificate Authority book keeping operation equipment is delivered to core control equipment with authorized user message;
E) core control equipment determines that by the experimental bench of the use of applying in comparison authorized user message and the user request information user has authority to use the experimental bench of the use of applying for;
(6) obtain experimental bench and the essential information of corresponding experimental state monitoring equipment:
A) core control equipment sends instruction to database facility, the incidence relation of inquiry cooperation experimental group and experimental bench;
B) database facility returns Query Result;
C) core control equipment sends instruction to database facility, the essential information of inquiry institute application experimental bench and the essential information of corresponding experimental state monitoring equipment;
D) database facility returns Query Result;
(7) preserve the incidence relation of user and the experimental group of cooperating:
A) core control equipment sends instruction to database facility, preserves the incidence relation of user and the experimental group of cooperating;
B) database facility is preserved information, and returns Query Result;
(8) be provided with the user to experimental bench and the access permission of corresponding experimental state monitoring equipment:
A) core control equipment sends grant instruction to terminal control device, makes the user connect experimental bench by terminal control device;
B) core control equipment sends grant instruction to experimental state monitoring terminal control appliance, makes user's status monitoring terminal control device connection experimental state monitoring equipment by experiment;
(9) parameter with experimental bench and experimental state monitoring equipment feeds back to the user:
A) core control equipment is delivered to portal service equipment with experimental bench parameter and corresponding experimental state monitoring equipment parameter;
B) portal service equipment feedback information is to the user;
(10) book keeping operation beginning:
A) core control equipment begins to ask to deliver to Certificate Authority book keeping operation equipment with user login information and book keeping operation;
B) Certificate Authority book keeping operation equipment is kept accounts and is begun operation;
C) core control equipment sends instruction to database facility, and deletion is at the information of " book keeping operation begin to carry out in " mark of active user;
D) database facility deletion information, and the result of return success.
The third situation: single experiment book keeping operation beginning processing procedure, testing first book keeping operation that begins experiment user with multiple person cooperational, to begin processing procedure identical, and in this processing procedure, the cooperation experimental group includes only a people.
Step 3: book keeping operation end process step, as shown in Figure 4, the processing procedure that comprises following two kinds of situations: the book keeping operation treatment step of normal termination and the book keeping operation treatment step of abnormal ending, wherein, the book keeping operation treatment step of normal termination comprises: multiple person cooperational experiment non-last withdraw from the user's of experiment the book keeping operation end process process, the book keeping operation end process process of normal termination that multiple person cooperational is tested last user who withdraws from experiment, the book keeping operation end process process of single experiment normal termination of normal termination; The book keeping operation treatment step of abnormal ending comprises: multiple person cooperational experiment non-last withdraw from the user's of experiment book keeping operation end process process, the book keeping operation end process process of abnormal ending that multiple person cooperational is tested last user who withdraws from experiment and the book keeping operation end process process of single experiment abnormal ending of abnormal ending.
Multiple person cooperational experiment non-last withdraw from the user's of experiment the book keeping operation end process process of normal termination, shown in Fig. 4-1 and Fig. 4-2, comprising:
(1) obtain user request information:
A) user's ending request of will keeping accounts is committed to portal service equipment;
B) the book keeping operation ending request that will receive of portal service equipment is delivered to core control equipment;
(2) obtain user profile:
A) core control equipment sends instruction to database facility, the user login information of preserving during the inquiring user login;
B) database facility returns Query Result;
C) core control equipment sends instruction to database facility, cooperation experimental group title, the member's tabulation of cooperation experimental group and member condition under the inquiring user;
D) database facility will return Query Result;
E) core control equipment determines still have other users not finish experiment in the affiliated cooperation of the active user experimental group, and promptly the active user tests for non-last people withdraws from cooperation;
(3) stop network status monitoring mechanism:
A) core control equipment is with user login information, user network state information and stop the network status monitoring request and deliver to network status monitoring equipment;
B) network status monitoring equipment stops the network status monitoring to the user;
(4) book keeping operation finishes:
A) core control equipment is delivered to Certificate Authority book keeping operation equipment with user login information and book keeping operation ending request;
B) the Certificate Authority book keeping operation equipment end operation of keeping accounts;
(5) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment:
A) core control equipment sends instruction to terminal control device, and the cancellation user is by the access permission of terminal control device visit experimental bench;
B) core control equipment sends instruction to experimental state monitoring terminal control appliance, and the cancellation user is the access permission of status monitoring terminal control device connection experimental state monitoring equipment by experiment;
(6) remove the incidence relation of user and the experimental group of cooperating:
A) core control equipment sends instruction to database facility, and the mark user has finished experiment;
The result of b) database facility executable operations, and return success;
(7) feedback result is to the user:
A) the core control equipment end operation result that will keep accounts delivers to portal service equipment;
B) portal service equipment feeds back to the user with operating result;
Multiple person cooperational is tested the book keeping operation end process process of last normal termination of withdrawing from experiment user, shown in Fig. 4-1 and Fig. 4-3, comprising:
(1) obtain user request information:
A) user's ending request of will keeping accounts is delivered to portal service equipment;
B) the book keeping operation ending request that will receive of portal service equipment is delivered to core control equipment;
(2) obtain user login information:
A) core control equipment sends instruction to database facility, the user login information of preserving during the inquiring user login;
B) database facility returns Query Result;
C) core control equipment sends instruction to database facility, cooperation experimental group title, the member's tabulation of cooperation experimental group and member condition under the inquiring user;
D) database facility returns Query Result;
E) core control equipment determines that not had other users in the affiliated cooperation of the active user experimental group does not finish experiment, and promptly the active user withdraws from the cooperation experiment for last people;
(3) stop network status monitoring mechanism:
A) core control equipment is with user login information, user network state information and stop the network status monitoring request and deliver to network status monitoring equipment;
B) network status monitoring equipment stops the network status monitoring to the user;
(4) book keeping operation finishes:
A) core control equipment is delivered to Certificate Authority book keeping operation equipment with user login information and book keeping operation ending request;
B) the Certificate Authority book keeping operation equipment end operation of keeping accounts;
(5) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment:
A) core control equipment sends instruction to terminal control device, and the cancellation user is by the access permission of terminal control device visit experimental bench;
B) core control equipment sends instruction to experimental state monitoring terminal control appliance, and the cancellation user is the access permission of status monitoring terminal control device connection experimental state monitoring equipment by experiment;
(6) record experimental implementation process and result and initialization apparatus:
A) core control equipment sends instruction to database facility, the incidence relation of inquiry cooperation experimental group and experimental bench;
B) database facility returns Query Result;
C) core control equipment sends instruction to database facility, the essential information of inquiry experimental bench;
D) database facility returns Query Result;
E) core control equipment writes down the experimental implementation result by the experimental facilities in the terminal control device connection experimental bench;
F) core control equipment connects log services equipment, extracts the record of the experimental implementation process of this time cooperating;
G) core control equipment sends instruction to database facility, preserves experimental implementation process and result's record;
The result of h) database facility executable operations, and return success;
I) core control equipment sends instruction to database facility, sets up experimental implementation process, object information and the experimental group member's that cooperates incidence relation;
The result of j) database facility executable operations, and return success;
K) core control equipment connects the experimental facilities in the experimental bench and carries out initialization operation by terminal control device;
L) core control equipment by experiment the status monitoring terminal control device connect the experimental state monitoring equipment of experimental bench correspondence and carry out initialization operation;
(7) remove the incidence relation of user and the experimental group of cooperating:
A) core control equipment sends instruction to database facility, the incidence relation of deletion cooperation experimental group and group membership's incidence relation and experimental bench and the experimental group of cooperating;
B) database facility deletion information, and return successful result;
C) core control equipment sends instruction to database facility, deletion cooperation experimental group;
D) database facility deletion information, and return result;
(8) feedback result is to the user:
A) the core control equipment end operation result that will keep accounts delivers to portal service equipment;
B) portal service equipment feeds back to the user with operating result;
The book keeping operation end process process of single experiment normal termination, the book keeping operation end process process of testing last normal termination of withdrawing from experiment user with multiple person cooperational is identical, and in this processing procedure, the cooperation experimental group includes only a people.
Multiple person cooperational experiment non-last withdraw from the book keeping operation end process process of the abnormal ending of experiment user, shown in Fig. 4-4 and Fig. 4-5, comprising:
(1) monitor unusual off-line:
A) take place when unusual when the network status monitoring monitoring of equipment connects in the situation lower network of not submitting the book keeping operation ending request to the user, network status monitoring equipment is submitted the book keeping operation ending request of user's abnormal ending to core control equipment;
B) network status monitoring equipment stops the network status monitoring to the user;
(2) obtain user login information:
A) core control equipment sends instruction to database facility, the user login information of preserving during the inquiring user login;
B) database facility returns Query Result;
C) core control equipment sends instruction to database facility, cooperation experimental group title, the member's tabulation of cooperation experimental group and member condition under the inquiring user;
D) database facility returns Query Result;
E) core control equipment determines still have the user not finish experiment in the affiliated cooperation of the active user experimental group, and promptly the active user tests for non-last people withdraws from cooperation;
(3) book keeping operation finishes:
A) core control equipment is delivered to Certificate Authority book keeping operation equipment with user login information and book keeping operation ending request;
B) the Certificate Authority book keeping operation equipment end operation of keeping accounts;
(4) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment:
A) core control equipment sends instruction to terminal control device, and the cancellation user is by the access permission of terminal control device visit experimental bench;
B) core control equipment sends instruction to experimental state monitoring terminal control appliance, and cancellation user status monitoring terminal control device by experiment connects experimental state monitoring equipment access permission;
(5) remove the incidence relation of user and the experimental group of cooperating:
A) core control equipment sends instruction to database facility, and the mark user has finished experiment;
The result of b) database facility executable operations, and return success;
Multiple person cooperational is tested the book keeping operation end process process of last abnormal ending of withdrawing from experiment user, shown in Fig. 4-4 and Fig. 4-6, comprising:
(1) monitor unusual off-line:
A) take place when unusual when the network status monitoring monitoring of equipment connects in the situation lower network of not submitting the book keeping operation ending request to the user, network status monitoring equipment is submitted the book keeping operation ending request of user's abnormal ending to core control equipment;
B) network status monitoring equipment stops the network status monitoring to the user;
(2) obtain user login information:
A) core control equipment sends instruction to database facility, the user login information of preserving during the inquiring user login;
B) database facility returns Query Result;
C) core control equipment sends instruction to database facility, cooperation experimental group title, the member's tabulation of cooperation experimental group and member condition under the inquiring user;
D) database facility returns Query Result;
E) core control equipment determines that not had other users in the affiliated cooperation of the active user experimental group does not finish experiment, and promptly the active user withdraws from the cooperation experiment for last people;
(3) book keeping operation finishes:
A) core control equipment is delivered to Certificate Authority book keeping operation equipment with user login information and book keeping operation ending request;
B) the Certificate Authority book keeping operation equipment end operation of keeping accounts;
(4) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment:
A) core control equipment sends instruction to terminal control device, and the cancellation user is by the access permission of terminal control device visit experimental bench;
B) core control equipment sends instruction to experimental state monitoring terminal control appliance, and the cancellation user is the access permission of status monitoring terminal control device connection experimental state monitoring equipment by experiment;
(5) record experimental implementation process and result and initialization apparatus:
A) core control equipment sends instruction to database facility, the incidence relation of inquiry cooperation experimental group and experimental bench;
B) database facility returns Query Result;
C) core control equipment sends instruction to database facility, the essential information of inquiry experimental bench;
D) database facility returns Query Result;
E) core control equipment writes down the experimental implementation result by the experimental facilities in the terminal control device connection experimental bench;
F) core control equipment connects log services equipment, extracts the record of the experimental implementation process of this time cooperating;
G) core control equipment sends instruction to database facility, preserves experimental implementation process and result's record;
The result of h) database facility executable operations, and return success;
I) core control equipment sends instruction to database facility, sets up experimental implementation process, object information and cooperates experimental group member corresponding relation;
The result of j) database facility executable operations, and return success;
K) core control equipment connects the experimental facilities in the experimental bench and carries out initialization operation by terminal control device;
L) core control equipment by experiment the status monitoring terminal control device connect the experimental state monitoring equipment of experimental bench correspondence and carry out initialization operation;
(6) remove the incidence relation of user and the experimental group of cooperating:
A) core control equipment sends instruction to database facility, the incidence relation of deletion cooperation experimental group and group membership's incidence relation and experimental bench and the experimental group of cooperating;
B) database facility deletion information, and the result of return success;
C) core control equipment sends instruction to database facility, deletion cooperation experimental group;
D) database facility deletion information, and the result of return success.
The book keeping operation end process process of single experiment abnormal ending, the book keeping operation end process process of testing last abnormal ending of withdrawing from experiment user with multiple person cooperational is identical, and in this processing procedure, the cooperation experimental group includes only a people.
Embodiment of the present invention is illustrative; rather than it is determinate; therefore the present invention is not limited to the embodiment described in the embodiment, and every other execution modes that drawn by those skilled in the art's technical scheme according to the present invention belong to the scope of protection of the invention equally.
Claims (7)
1. a laboratory remote access control method is characterized in that: comprise the steps:
Step 1, the Certificate Authority treatment step;
Step 2, book keeping operation beginning treatment step;
Step 3, book keeping operation end process step.
2. laboratory according to claim 1 remote access control method is characterized in that: the described Certificate Authority treatment step of step 1 comprises:
(1) obtains user login information;
(2) obtain authentication, authorization message;
(3) obtain and to use experimental bench;
(4) cache user log-on message;
(5) feedback result is to the user.
3. laboratory according to claim 1 remote access control method is characterized in that: the described book keeping operation of step 2 begins treatment step and comprises following processing procedure: multiple person cooperational is tested first book keeping operation that begins experiment user and is begun the non-book keeping operation that first begins experiment user of processing procedure, multiple person cooperational experiment and begin processing procedure and single experiment book keeping operation beginning processing procedure.
4. laboratory according to claim 3 remote access control method is characterized in that: described multiple person cooperational is tested first book keeping operation that begins experiment user and is begun processing procedure and comprise the steps:
(1) obtains user request information;
(2) obtain user login information;
(3) start network status monitoring mechanism;
(4) obtain subscriber authorisation;
(5) obtain idle experimental bench inventory;
(6) obtain experimental bench and the essential information of corresponding experimental state monitoring equipment;
(7) preserve the incidence relation of user, experimental bench and the experimental group of cooperating;
(8) initialization experimental bench and corresponding experimental state monitoring equipment;
(9) be provided with the user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(10) experimental bench and corresponding experimental state monitoring equipment parameter are fed back to the user;
(11) book keeping operation beginning;
The non-book keeping operation beginning process that first begins experiment user of described multiple person cooperational experiment comprises the steps:
(1) obtains user request information;
(2) checking cooperation experimental group mandate;
(3) obtain user login information;
(4) start network status monitoring mechanism;
(5) obtain subscriber authorisation;
(6) obtain experimental bench and the essential information of corresponding experimental state monitoring equipment;
(7) preserve the incidence relation of user and the experimental group of cooperating;
(8) be provided with the user to experimental bench and the access permission of corresponding experimental state monitoring equipment
(9) experimental bench and corresponding experimental state monitoring equipment parameter are fed back to the user;
(10) book keeping operation beginning;
Described single experiment book keeping operation beginning process and multiple person cooperational are tested first book keeping operation that begins experiment user to begin processing procedure identical, and the experimental group of cooperating in this processing procedure includes only a people.
5. laboratory according to claim 1 remote access control method is characterized in that: the described book keeping operation end process of step 3 step comprises following processing procedure: the book keeping operation treatment step of normal termination and the book keeping operation treatment step of abnormal ending.
6. laboratory according to claim 5 remote access control method, it is characterized in that: the book keeping operation treatment step of described normal termination comprises: multiple person cooperational experiment non-last withdraw from the user's of experiment the book keeping operation end process process of normal termination, multiple person cooperational is tested last user's who withdraws from experiment the book keeping operation end process process of normal termination and the book keeping operation end process process of single experiment normal termination, wherein:
The experiment of described multiple person cooperational non-last withdraw from the user's of experiment the book keeping operation end process process of normal termination, comprise the steps:
(1) obtains user request information;
(2) obtain user profile;
(3) stop network status monitoring mechanism;
(4) book keeping operation finishes;
(5) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(6) remove the incidence relation of user and the experimental group of cooperating;
(7) feedback result is to the user;
Described multiple person cooperational is tested the book keeping operation end process process of last normal termination of withdrawing from experiment user, comprises the steps:
(1) obtains user request information;
(2) obtain user login information;
(3) stop network status monitoring mechanism;
(4) book keeping operation finishes;
(5) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(6) record experimental implementation process and result and initialization apparatus;
(7) remove the incidence relation of user and the experimental group of cooperating;
(8) feedback result is to the user;
The book keeping operation end process process that the book keeping operation end process process and the multiple person cooperational of described single experiment normal termination tested last normal termination of withdrawing from experiment user is identical, and in this processing procedure, the cooperation experimental group includes only a people.
7. laboratory according to claim 5 remote access control method, it is characterized in that: the book keeping operation treatment step of described abnormal ending comprises: multiple person cooperational experiment non-last withdraw from the user's of experiment the book keeping operation end process process of abnormal ending, multiple person cooperational is tested last user's who withdraws from experiment the book keeping operation end process process of abnormal ending and the book keeping operation end process process of single experiment abnormal ending, wherein:
The experiment of described multiple person cooperational non-last withdraw from the user's of experiment the book keeping operation end process process of abnormal ending, comprise the steps:
(1) monitors unusual off-line;
(2) obtain user login information;
(3) book keeping operation finishes;
(4) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(5) remove the incidence relation of user and the experimental group of cooperating;
Described multiple person cooperational is tested the book keeping operation end process process of last abnormal ending of withdrawing from experiment user, comprises the steps:
(1) monitors unusual off-line;
(2) obtain user login information;
(3) book keeping operation finishes;
(4) the cancellation user to experimental bench and the access permission of corresponding experimental state monitoring equipment;
(5) record experimental implementation process and result and initialization apparatus;
(6) remove the incidence relation of user and the experimental group of cooperating;
The book keeping operation end process process of described single experiment abnormal ending, the book keeping operation end process process of testing last abnormal ending of withdrawing from experiment user with multiple person cooperational is identical, and in this processing procedure, the cooperation experimental group includes only a people.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110008883.7A CN102082829B (en) | 2011-01-17 | 2011-01-17 | Remote laboratory access control method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110008883.7A CN102082829B (en) | 2011-01-17 | 2011-01-17 | Remote laboratory access control method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102082829A true CN102082829A (en) | 2011-06-01 |
| CN102082829B CN102082829B (en) | 2014-10-22 |
Family
ID=44088578
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110008883.7A Active CN102082829B (en) | 2011-01-17 | 2011-01-17 | Remote laboratory access control method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102082829B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108107778A (en) * | 2017-12-14 | 2018-06-01 | 华东理工大学 | A kind of intelligent management system towards laboratory safety |
| CN110140179A (en) * | 2016-10-26 | 2019-08-16 | 拜克门寇尔特公司 | The long-range monitoring of Laboratory Instruments |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1801743A (en) * | 2005-10-13 | 2006-07-12 | 华为技术有限公司 | Terminal equipment managing method |
-
2011
- 2011-01-17 CN CN201110008883.7A patent/CN102082829B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1801743A (en) * | 2005-10-13 | 2006-07-12 | 华为技术有限公司 | Terminal equipment managing method |
Non-Patent Citations (2)
| Title |
|---|
| 《实验室科学》 20100430 肖涛 "远程网络实验室的设计与规划" 第120-121页 1-3 第13卷, 第2期 * |
| 肖涛: ""远程网络实验室的设计与规划"", 《实验室科学》, vol. 13, no. 2, 30 April 2010 (2010-04-30), pages 120 - 121 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110140179A (en) * | 2016-10-26 | 2019-08-16 | 拜克门寇尔特公司 | The long-range monitoring of Laboratory Instruments |
| CN108107778A (en) * | 2017-12-14 | 2018-06-01 | 华东理工大学 | A kind of intelligent management system towards laboratory safety |
| CN108107778B (en) * | 2017-12-14 | 2020-12-25 | 华东理工大学 | Intelligent management system for laboratory safety |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102082829B (en) | 2014-10-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103620615A (en) | Access control architecture | |
| US9826100B2 (en) | Usage tracking for software as a service (SaaS) applications | |
| CN103236969B (en) | A kind of gateway system for cloud service accounting management and method | |
| EP2706700A1 (en) | Computer account management system and implementation method thereof | |
| CN105450636A (en) | Cloud computing management system and management method of cloud computing management system | |
| CN107948201A (en) | The purview certification method and system in Docker mirror images warehouse | |
| US20100138901A1 (en) | Managing Online Shop Using Instant Messaging System | |
| CN103618752A (en) | Virtual machine remote desktop safety access system and method | |
| CN105262780B (en) | A kind of authority control method and system | |
| CN104754582A (en) | Client and method for maintaining BYOD (Bring Your Own Device) safety | |
| CN105577677A (en) | Remote login method and system based on J2EE | |
| CN104348687B (en) | A kind of method and electronic equipment of generation authorization | |
| CN106101054A (en) | The single-point logging method of a kind of multisystem and centralized management system | |
| JP2014534515A5 (en) | ||
| CN108092988A (en) | Unaware Certificate Authority network system and method based on dynamic creation temporary password | |
| CN110502315A (en) | A kind of method, apparatus and system remotely accessing physical machine | |
| CN110971566A (en) | Account unified management method, system and computer readable storage medium | |
| CN104753960A (en) | Single-point login based system configuration management method | |
| CN113111339A (en) | Access control method, device, equipment and medium for application service | |
| CN102427459A (en) | Offline authorization method based on Usbkeys | |
| CN106685955A (en) | Radius-based video monitoring platform security certification method | |
| CN102082829B (en) | Remote laboratory access control method | |
| KR101195292B1 (en) | Apparatus and method for managing identity | |
| CN108011978A (en) | A kind of method and system using mobile terminal APP control spliced display walls | |
| CN116170234A (en) | Single sign-on method and system based on virtual account authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |