CN102130777B - Network management system and method for ensuring consistency with data of safety management system - Google Patents

Publication number: CN102130777B
Authority: CN (China)
Prior art keywords: management system, network management, secure data, authorized, authenticated
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201010034320.0A
Other languages: Chinese (zh)
Other versions: CN102130777A (en
Inventor: 汪欣
Current Assignee: Datang Mobile Communications Equipment Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Datang Mobile Communications Equipment Co Ltd
Application filed by Datang Mobile Communications Equipment Co Ltd
Priority to CN201010034320.0A
Publication of CN102130777A
Application granted
Publication of CN102130777B

Abstract

The invention provides a network management system and a method for ensuring data consistency with a safety management system. The method comprises: configuring a remote method invocation interface in the network management system, the interface providing remote methods; and the safety management system invoking the remote methods provided by the network management system to acquire the security data of the network management system and to set the results of operations on its own security data into the network management system. According to the invention, no Lightweight Directory Access Protocol (LDAP) database needs to be established; the remote method invocation interface is used directly to keep the security data in the safety management system consistent with the security data in the network management system. The scheme is therefore easy to implement, synchronizing data between only two ends improves synchronization efficiency, and the costs of development, equipment investment and maintenance are reduced.

Description

A network management system and a method for ensuring data consistency with a safety management system
Technical field
The present invention relates to the field of communication technology, and in particular to a method and a system for ensuring data consistency between a network management system and a safety management system, and to a network management system.
Background
In a communication system, network management software plays an important role in deploying, monitoring and maintaining network element equipment so that it operates normally. For example, in TD-SCDMA (Time Division-Synchronous Code Division Multiple Access) technology, the network management system (OMC, Operation Maintenance Center) provides unified network element management that integrates the access network (RNS) and the core network (CN), giving unified management of TD-SCDMA equipment.
To guarantee the security of user information and convenient management in the TD-SCDMA network management system, all security data of the network management system needs to be managed centrally in its security system, which is called the 4A management system. 4A stands for Accounting, Authentication, Authorization and Audit, that is, account management, authentication, authorization and audit respectively.
A user logging in to the TD-SCDMA network management system must first be authenticated; after authentication succeeds the user is granted permissions and only then allowed to enter the system. After the 4A management system is connected, the authentication and authorization functions can be performed either in the network management system or in the 4A management system, so the security data of the network management system and the security data in the 4A management system must be kept consistent.
Referring to Fig. 1, a common current method of keeping the security data of the network management system consistent with that of the 4A management system is to add an LDAP (Lightweight Directory Access Protocol) database and corresponding interfaces (for create, modify, delete, query, synchronize and similar operations) to the network management system. The LDAP database stores all security data of the network management system (including operation permissions, roles, user groups, users and so on), and the security data on the 4A management system, the network management system and the LDAP server is synchronized periodically.
The synchronization process is as follows:
When security data is managed centrally in the 4A management system, after the 4A management system operates on security data (users, roles, operation permissions and so on) it must call the LDAP interface to write the result into the LDAP database of the network management system, and the network management system periodically synchronizes the security data in the LDAP database into its existing Oracle database. When the network management system manages its own security data, after it operates on security data (users, roles, operation permissions and so on) it must call the interface to write the result into the LDAP database, and the 4A management system periodically synchronizes the security data in the LDAP database into its own database.
This implementation has the following shortcomings:
First, because an LDAP database is introduced, three copies must be kept consistent: the security data of the 4A management system, the LDAP security data in the network management system, and the original Oracle security data in the network management system. During synchronization, corresponding handling (updating caches, sending change notifications and so on) is also needed depending on the kind of security data, so synchronization efficiency is low and the implementation is complex.
Second, an LDAP database has to be set up, which increases the cost of development, equipment investment and maintenance.
In summary, how to keep the security data of the network management system and a safety management system (such as the 4A management system) consistent conveniently and efficiently has become a technical difficulty.
Summary of the invention
The technical problem to be solved by the present invention is to provide a method and a system for ensuring data consistency between a network management system and a safety management system, so as to solve the problem that existing methods are complex to implement and inefficient.
Correspondingly, the present invention also provides a network management system that can be adapted to a safety management system simply, quickly and reliably.
To solve the above problem, the invention discloses a method for ensuring data consistency between a network management system and a safety management system, comprising: providing a remote method invocation (RMI) interface in the network management system, through which remote methods are offered; and the safety management system, by calling the remote methods provided by the network management system, obtaining the security data of the network management system and setting the results of operations on its own security data into the network management system. Obtaining the security data of the network management system by calling the remote methods comprises: when management of the security data is switched to the safety management system, locking the permission to operate on security data in the network management system; and the network management system notifying the safety management system to call the remote method provided by the network management system, obtain the security data of the network management system, and synchronize it with its own security data.
Preferably, setting the results of operations on its own security data into the network management system by calling the remote methods comprises: when the safety management system operates on its own security data, it first writes the operation result into its local database, and then calls the remote method provided by the network management system to write the operation result into the database of the network management system.
Preferably, when the safety management system writes the operation result into the database of the network management system and the write fails, the safety management system rolls back the change made in its own database.
Preferably, the method further comprises: when management of the security data is switched to the network management system, first forbidding the safety management system from calling remote methods to set the security data of the network management system, and enabling the network management system's own permission to operate on security data; the network management system then operates on its own security data and writes the operation result into its local database.
Preferably, the method further comprises: the network management system determining the authentication/authorization source; if the source is the network management system, authentication/authorization is performed inside the network management system; if the source is the safety management system, the authentication/authorization interface provided by the safety management system is called, authentication/authorization is performed in the safety management system, and the authentication/authorization result is returned to the network management system.
Preferably, the method further comprises: setting the security data management source, the authentication source and the authorization source through the client of the network management system.
The present invention also provides a network management system, comprising:
A security data database, used for storing security data;
An RMI interface, used for providing remote methods to the safety management system; the safety management system calls the remote methods provided by the network management system through this interface to obtain the security data of the network management system and to set the results of operations on its own security data into the network management system;
A security data management module, used for, when management of the security data is switched to the safety management system, locking the permission to operate on security data in the network management system and sending a notification message to the safety management system, notifying it to obtain the security data of the network management system through the RMI interface and complete synchronization of the security data.
Preferably, the security data management module is also used for, when management of the security data is switched to the network management system, first forbidding the safety management system from setting the security data of the network management system through the RMI interface and enabling the network management system's own permission to operate on security data, then operating on its own security data and writing the operation result into the local security data database.
Preferably, the network management system further comprises an authentication/authorization module, used for determining the authentication/authorization source: if the source is the network management system, authentication/authorization is performed inside the network management system; if the source is the safety management system, the authentication/authorization interface provided by the safety management system is called, authentication/authorization is performed in the safety management system, and the authentication/authorization result returned by the safety management system is received.
Preferably, the network management system further comprises a client, used for setting the security data management source, the authentication source and the authorization source.
The present invention also provides a system for ensuring data consistency between a network management system and a safety management system, comprising a network management system and a safety management system, wherein:
The network management system comprises:
A security data database, used for storing security data;
An RMI interface, used for providing remote methods to the safety management system;
The safety management system comprises:
A security data database, used for storing security data;
A security data management module, used for calling remote methods through the RMI interface provided by the network management system to obtain the security data of the network management system, and for setting the results of operations on its own security data into the network management system;
The network management system further comprises a security data management module, used for, when management of the security data is switched to the safety management system, locking the permission to operate on security data in the network management system and sending a notification message to the safety management system; the security data management module of the safety management system then, according to the notification message, obtains the security data of the network management system through the RMI interface and completes synchronization of the security data.
Preferably, the security data management module of the network management system is also used for, when management of the security data is switched to the network management system, first forbidding the safety management system from setting the security data of the network management system through the RMI interface and enabling the network management system's own permission to operate on security data, then operating on its own security data and writing the operation result into the local security data database.
Preferably, the network management system further comprises an authentication/authorization module, used for determining the authentication/authorization source: if the source is the network management system, authentication/authorization is performed inside the network management system; if the source is the safety management system, the authentication/authorization interface provided by the safety management system is called and authentication/authorization is performed in the safety management system. The safety management system further comprises an authentication/authorization interface and an authentication/authorization module; the module performs authentication/authorization locally and returns the authentication/authorization result to the network management system through the interface.
Compared with the prior art, the present invention has the following advantages:
First, the present invention does not need to build an LDAP database. Instead it uses the RMI (Remote Method Invocation) interface provided on the network management system, and keeps the security data of the safety management system (such as the 4A management system) consistent with the security data in the network management system directly by calling remote methods through that interface. The safety management system can be regarded as a client of the network management system; the RMI interface between client and server (the network management system) already exists and can be used directly with essentially no modification. The invention is therefore simple to implement, and synchronizing data between only two ends improves synchronization efficiency; it also reduces the cost of development, equipment investment and maintenance.
Second, the present invention does not produce inconsistent data at the two ends, because whenever the security data management source is switched, the other end is forbidden from operating on security data. When management is switched to the safety management system, the safety management system calls a remote method to obtain the security data of the network management system, so that the security data at the two ends is consistent. In addition, when the safety management system operates on its own security data, it writes the operation result to the network management system in real time through the RMI interface, and if that write fails it rolls back the change in its own database. Conflicts in which switching the management source and modifying security data leave the data inconsistent are thereby avoided.
Third, in the present invention user authentication/authorization can be performed by the network management system or by the safety management system. When it is performed by the safety management system, the network management system calls the authentication/authorization interface provided by the safety management system, authentication/authorization is carried out in the safety management system, and the result is returned to the network management system through that interface. The invention therefore also guarantees the reliability of the security data.
Description of drawings
Fig. 1 is a schematic diagram of the prior-art scheme for ensuring data consistency between the network management system and the 4A management system;
Fig. 2 is a schematic diagram of the scheme for ensuring data consistency between the network management system and the 4A management system according to an embodiment of the invention;
Fig. 3 is the processing flow chart after the management source is switched to the 4A management system in an embodiment of the invention;
Fig. 4 is the processing flow chart after the management source is switched to the network management system in an embodiment of the invention;
Fig. 5 is the processing flow chart of authentication/authorization in an embodiment of the invention;
Fig. 6 is a structural diagram of the system for ensuring data consistency between the network management system and the 4A management system according to an embodiment of the invention.
Detailed description of the embodiments
To make the above objects, features and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawings and specific embodiments.
The present invention proposes a method of adapting a network management system to a safety management system that is easy to implement, efficient, extensible and highly reliable; it directly uses the RMI interface provided on the network management system to keep the security data of the safety management system consistent with the security data in the network management system.
RMI stands for Remote Method Invocation and is the basic technology for distributed programming in Java. RMI lets program-level objects residing in different address spaces communicate with each other, giving seamless remote calls between remote objects.
An RMI application usually comprises two separate programs: a server program and a client program. A typical server application creates a number of remote objects, makes references to them available, and then waits for clients to call methods on those remote objects. A typical client program obtains references to one or more remote objects from the server and then calls methods on them. RMI provides the mechanism by which server and client communicate and pass information. The present invention uses exactly this mechanism to synchronize the data of the network management system and the safety management system.
In general terms, "synchronization" means the following. Two data sources start with identical data. If the data of one source changes through additions, modifications, deletions and similar operations (or the data of both sources changes), then to keep the two sources consistent, that is, to have a change in one source reflected in the other, an operation that brings the data of the two sources into agreement must be performed; "synchronization" is that operation. After the synchronization operation finishes, the data on the two devices is fully consistent and is in a "synchronized" state.
The following embodiments describe the invention in detail, taking the 4A management system as an example of the safety management system.
Fig. 2 is a schematic diagram of the scheme for ensuring data consistency between the network management system and the 4A management system according to an embodiment of the invention.
Again taking the TD-SCDMA network management system as the example, the TD-SCDMA network management system (network management system for short) may also be called the OMC system. An Oracle database is provided in the network management system to store security information data (security data for short), and a database is likewise provided in the 4A management system to store security information data.
The management source of the security data may be either the network management system or the 4A management system. To keep the security data in the two systems' respective databases consistent, the network management system, which is developed in Java, provides an RMI interface for remote calls, and the 4A management system synchronizes the data at the two ends by calling that RMI interface. The detailed process is shown in Fig. 3 and Fig. 4.
Fig. 3 is the processing flow chart after the management source is switched to the 4A management system in an embodiment of the invention.
Step 301: the management source is switched so that the 4A management system manages the security data;
In this embodiment the management source is set through the client of the network management system, so switching the management source is also done in the client of the network management system.
Step 302: the permission to operate on security data in the network management system is locked;
In this embodiment the lock is applied in the network management system; that is, the network management system cannot operate on the security data in its local Oracle database.
Step 303: the 4A management system is notified to call the remote method provided by the network management system, obtain the security data of the network management system, and synchronize it with its own security data;
The network management system sends a notification message to the 4A management system, notifying it to obtain the security data of the network management system by calling a remote method through the RMI interface; the 4A management system then compares that data with its own security data and completes the synchronization.
As stated above, "synchronization" refers to the operation that keeps the security data of the network management system and the 4A management system consistent; the specific synchronization operation is not detailed here.
In this way, after the security data management source is switched from the network management system to the 4A management system, the 4A management system completes synchronization by obtaining the security data of the network management system, and the security data at the two ends is consistent. The 4A management system can then operate on its own security information.
Step 304: when the 4A management system operates on its own security data, it first writes the operation result into its local database, and then calls the remote method provided by the network management system to write the operation result into the database of the network management system.
That is, after the 4A management system operates on its own security information (create, modify, delete, query and similar operations), the result must also be synchronized to the network management system in real time, which keeps the data at the two ends consistent in real time; it also lets the network management system monitor every operation the 4A management system performs on security data.
Preferably, if an error occurs while the 4A management system is setting data in the network management system database through the RMI interface, the 4A management system rolls back the change to its own database, restoring the security data there to its state before the change, thereby guaranteeing the consistency of the security data of the 4A management system and the network management system.
In summary, after the management source is switched to the 4A management system, data consistency between the 4A management system and the network management system is guaranteed in the following three ways:
First, the permission to operate on security data in the network management system is locked, so that the network management system and the 4A management system cannot operate on security data at the same time; that is, only the management source can operate on security data;
Second, the 4A management system calls the RMI interface to obtain the security data of the network management system, so that after the management source is switched the 4A management system first becomes consistent with the security data of the network management system;
Third, after operating on the security data in its own database, the 4A management system must call the RMI interface to write the operation result to the network management system in real time, which guarantees that the data at the two ends stays consistent after security data is modified.
Fig. 4 is the processing flow chart after the management source is switched to the network management system in an embodiment of the invention.
Step 401: the management source is switched so that the network management system manages the security data;
As before, the management source is reset in the client of the network management system.
Step 402: the 4A management system is forbidden from calling remote methods to set the security data of the network management system;
Whether the RMI interface may be called is a permission set in the network management system.
Step 403: the network management system enables its own permission to operate on security data;
Because the network management system's permission to operate on security data was locked while the 4A management system was managing the security data, this permission must be re-enabled after the management source is switched.
Step 404: the network management system operates on its own security data and writes the operation result into its local database.
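The two switch procedures above (Fig. 3 and Fig. 4), as an added example that is not part of the patent: an in-process Python model in which plain method calls stand in for the RMI calls. The class and method names, the user-to-role data layout, the role check used to force a failed remote write, and treating the network management system's copy as authoritative during the step 303 synchronization are all assumptions.

```python
from enum import Enum


class Source(Enum):
    NMS = "network management system"
    FOUR_A = "4A management system"


class Rejected(Exception):
    """This side may not change security data under the current management source."""


class NetworkManagementSystem:
    KNOWN_ROLES = {"browse", "modify"}          # constructed sample roles

    def __init__(self, users):
        self.db = dict(users)                   # stands in for the local Oracle database
        self.source = Source.NMS                # current management source
        self.seen_from_4a = []                  # NMS-side view of 4A operations

    # Remote methods offered to the 4A system (hypothetical names; a plain
    # method call stands in for the RMI call).
    def remote_get_all(self):
        return dict(self.db)

    def remote_set_user(self, user, role):
        if self.source is not Source.FOUR_A:    # step 402: remote set is forbidden
            raise Rejected("remote set disabled: NMS is the management source")
        if role not in self.KNOWN_ROLES:        # assumed validation, forces a failure
            raise ValueError(f"unknown role {role!r}")
        self.db[user] = role
        self.seen_from_4a.append((user, role))

    def local_set_user(self, user, role):
        if self.source is not Source.NMS:       # step 302: local edits are locked
            raise Rejected("local edits locked: 4A is the management source")
        self.db[user] = role                    # step 404

    def switch_to_4a(self, four_a):
        self.source = Source.FOUR_A             # steps 301-302
        four_a.on_switch_notification(self)     # step 303

    def switch_to_nms(self):
        self.source = Source.NMS                # steps 401-403


class FourASystem:
    def __init__(self):
        self.db = {}
        self.nms = None

    def on_switch_notification(self, nms):
        self.nms = nms
        self.db = nms.remote_get_all()          # assumption: the NMS copy wins

    def set_user(self, user, role):
        had_user, previous = user in self.db, self.db.get(user)
        self.db[user] = role                    # step 304: local database first
        try:
            self.nms.remote_set_user(user, role)
        except Exception:
            if had_user:                        # roll the local change back
                self.db[user] = previous
            else:
                del self.db[user]
            raise


def run_demo():
    nms = NetworkManagementSystem({"alice": "browse"})   # constructed sample data
    four_a = FourASystem()
    events = []

    nms.switch_to_4a(four_a)
    events.append(("synced", four_a.db == nms.db))
    four_a.set_user("bob", "modify")
    events.append(("write_through", nms.db.get("bob")))
    try:
        nms.local_set_user("carol", "browse")
    except Rejected:
        events.append(("nms_locked", True))
    try:
        four_a.set_user("alice", "root")        # remote write fails
    except ValueError:
        events.append(("rolled_back", four_a.db["alice"]))

    nms.switch_to_nms()
    try:
        four_a.set_user("dave", "browse")
    except Rejected:
        events.append(("remote_disabled", "dave" not in four_a.db))
    nms.local_set_user("carol", "browse")       # not pushed to 4A in real time
    events.append(("stale_4a_copy", "carol" not in four_a.db))

    nms.switch_to_4a(four_a)                    # the next switch re-syncs 4A
    events.append(("resynced", four_a.db == nms.db))
    return events, nms, four_a


if __name__ == "__main__":
    for name, value in run_demo()[0]:
        print(name, value)
```

Both gates are checked inside the network management system, on the side that owns the remote methods, so a 4A caller that ignores the switch is still refused.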
Note that in the embodiment of Fig. 4, when the security data management source is the network management system, the network management system's operations on security data do not need to be synchronized to the 4A management system in real time. This is a preferred implementation designed around practical needs. In practice the network management system is the primary element management system and exists first, while the 4A management system is connected later for account management, authentication, authorization and audit, and it is the 4A management system that must keep its data consistent with the network management system. Therefore, after the management source is switched to the 4A management system, the network management system can also monitor the 4A management system in real time, and every operation of the 4A management system is synchronized to the network management system in real time; that is, the 4A management system must stay consistent with the network management system's data in real time. After the management source is switched to the network management system, the network management system's operations need not be synchronized to the 4A management system in real time; it is enough that, after a switch of the management source, the 4A management system synchronizes the network management system's security data into itself once, so that the data of the two systems is consistent.
It follows that, under this requirement, the prior-art step in which the network management system, when it is the management source, also synchronizes its operations on security data to the 4A management system through the LDAP database can be omitted. The present invention therefore also matches practical needs better and is simpler, more efficient and more reliable.
Of course, if other applications require it, it can also be arranged that when the management source is the network management system, the 4A management system periodically obtains security data from the network management system through the RMI interface to keep the data at the two ends synchronized. That is, the invention is not limited to the above embodiment and can be applied flexibly according to different needs.
In summary, the network management system of the present invention does not need to build an LDAP database when it is adapted to the 4A management system; instead the network management system provides an RMI interface to the 4A management system, which calls it when needed. Because the 4A management system is connected to the network management system, it can be regarded as a client of the network management system; the RMI interface between client and server (the network management system) already exists and can be used directly with essentially no modification. Compared with the prior art, the invention therefore only needs to synchronize between two data ends, is simple and efficient to implement, and reduces the cost of development, equipment investment and maintenance.
Moreover, the present invention does not produce inconsistent data at the two ends. In the prior art, after the security data management source (4A management system or network management system) is switched, the synchronization direction changes with it. For example, after the management source is switched from the 4A management system to the network management system, the synchronization direction of security information changes from "LDAP database to the Oracle database of the network management system" to "LDAP database to the 4A management system database". If the management source is switched before the synchronization timer has fired, while earlier settings have not yet been synchronized, the three copies of the data become inconsistent. In the present invention, by contrast, whenever the security data management source is switched, the other end is forbidden from operating on security data. When management is switched to the 4A management system, the 4A management system calls a remote method to obtain the security data of the network management system, so that the security data at the two ends is consistent. In addition, when the 4A management system operates on its own security data, it writes the operation result to the network management system in real time through the RMI interface, and if that write fails it rolls back the change in its own database. Conflicts in which switching the management source and modifying security data leave the data inconsistent are thereby avoided.
The above describes user management in 4A management after the network management system is connected to the 4A management system; authentication management and authorization management in 4A management are described below.
The security data mainly comprises information such as users, roles and permissions. A user is identified by unique account information. A role is a division by function: for example, the browse function is defined as one role and the modify function as another; a role is a set of permissions of one kind. A permission is a specific operation under the corresponding role, such as the permission to create a cell or the permission to generate a report.
A user logging in to the TD-SCDMA network management system must first be authenticated; after authentication succeeds the user is granted permissions and only then allowed to enter the system. Here, authentication means judging whether the user name, password, login time and login IP satisfy the account, and authorization means assigning a role (that is, a class of permissions) according to the type of the logged-in user.
Fig. 5 is a flow chart of authentication/authorization in an embodiment of the present invention.
After the network management system is connected to the 4A management system, the authentication/authorization function can be performed either in the network management system or in the 4A management system. The processing flow is as follows:
Step 501: the network management system determines the authentication/authorization source.
If the network management system performs authentication/authorization, step 502 is executed; if the 4A management system performs authentication/authorization, step 503 is executed.
The authentication/authorization source is likewise set in the client of the network management system.
Step 502: the network management system is the authentication/authorization source, so authentication/authorization is performed inside the network management system and the flow ends.
That is, the network management system judges whether the user name, password, login time and login IP satisfy the account in the local Oracle database, and then grants permissions to a user who passes authentication.
Step 503: the 4A management system is the authentication/authorization source, so the authentication/authorization interface provided by the 4A management system is called and authentication/authorization is performed in the 4A management system.
That is, the network management system calls the authentication/authorization interface provided by the 4A management system and sends authentication information such as the user name, password, login time and login IP to the 4A management system through this interface. The 4A management system judges whether the information satisfies the account in its local database, then grants permissions to a user who passes authentication, and execution continues with step 504.
Step 504: the 4A management system returns the authentication/authorization result to the network management system through the authentication/authorization interface.
In the above process, if authentication/authorization is performed by the 4A management system, the result must be synchronized to the network management system; if it is performed by the network management system, it is simply completed inside the network management system.
Note that the secure data management source, the authentication source and the authorization source are usually all set in the client of the network management system, and are generally all set to the same system, either the network management system or the 4A management system. However, they can also be set separately: the secure data management source is set to the 4A management system, while the authentication source and the authorization source are set to the network management system. In this case, authentication and authorization of logging-in users are still guaranteed when the 4A management system fails, which improves the reliability of the system.
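Steps 501 to 504 and the separately configured sources described above, as an added Java example (not code from the patent): a login is checked against user name, password, login time and login IP at whichever system is the authentication source, permissions come from the role at the authorization source, and access is denied when the selected source cannot answer. The interface and class names, the sample account, the permission names and the use of PBKDF2 for the password check are assumptions; both systems are in-process stand-ins and the code needs Java 16 or later.

```java
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.time.LocalTime;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class AuthSourceDemo {
    enum Source { NMS, FOUR_A }
    // Account fields follow the four checks named in the text, plus the role.
    record Account(byte[] salt, byte[] hash, LocalTime from, LocalTime to, String ip, String role) {}
    record Login(String user, String password, LocalTime time, String ip) {}

    /** Hypothetical authentication/authorization interface (names are assumptions). */
    interface AuthService {
        boolean authenticate(Login l) throws Exception;
        Set<String> authorize(String user) throws Exception;
    }

    // Password verifier; PBKDF2 is this example's choice, the text does not specify one.
    static byte[] kdf(String pw, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(pw.toCharArray(), salt, 100_000, 256);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    /** One system's account database and checks; 'up' simulates availability. */
    static class Store implements AuthService {
        final Map<String, Account> accounts;
        final Map<String, Set<String>> rolePermissions;
        boolean up = true;
        Store(Map<String, Account> accounts, Map<String, Set<String>> rolePermissions) {
            this.accounts = accounts;
            this.rolePermissions = rolePermissions;
        }
        @Override public boolean authenticate(Login l) throws Exception {
            if (!up) throw new IOException("source unreachable");
            Account a = accounts.get(l.user());
            if (a == null) return false;
            boolean pwOk = MessageDigest.isEqual(a.hash(), kdf(l.password(), a.salt()));
            boolean timeOk = !l.time().isBefore(a.from()) && !l.time().isAfter(a.to());
            return pwOk && timeOk && a.ip().equals(l.ip());
        }
        @Override public Set<String> authorize(String user) throws Exception {
            if (!up) throw new IOException("source unreachable");
            Account a = accounts.get(user);
            return a == null ? Set.of() : rolePermissions.getOrDefault(a.role(), Set.of());
        }
    }

    /** Steps 501-504: pick each source, call it, and deny if it cannot answer. */
    static Optional<Set<String>> login(Login l, Source authn, Source authz,
                                       AuthService nms, AuthService fourA) {
        try {
            if (!(authn == Source.NMS ? nms : fourA).authenticate(l)) return Optional.empty();
            return Optional.of((authz == Source.NMS ? nms : fourA).authorize(l.user()));
        } catch (Exception e) {
            return Optional.empty(); // no answer from the source means no access
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] salt = {1, 2, 3, 4, 5, 6, 7, 8}; // constructed; random per account in practice
        Account alice = new Account(salt, kdf("correct horse", salt),
                LocalTime.of(8, 0), LocalTime.of(18, 0), "10.0.0.5", "browse");
        Map<String, Account> accounts = Map.of("alice", alice);
        Map<String, Set<String>> perms = Map.of("browse", Set.of("view-cell", "view-report"));
        Store nms = new Store(accounts, perms), fourA = new Store(accounts, perms); // kept in sync
        Login ok = new Login("alice", "correct horse", LocalTime.of(9, 30), "10.0.0.5");
        Login badIp = new Login("alice", "correct horse", LocalTime.of(9, 30), "10.0.0.99");
        System.out.println("4A sources, valid login: " + login(ok, Source.FOUR_A, Source.FOUR_A, nms, fourA));
        System.out.println("4A sources, wrong IP:    " + login(badIp, Source.FOUR_A, Source.FOUR_A, nms, fourA));
        fourA.up = false; // the 4A management system fails
        System.out.println("4A down, 4A sources:     " + login(ok, Source.FOUR_A, Source.FOUR_A, nms, fourA));
        System.out.println("4A down, NMS sources:    " + login(ok, Source.NMS, Source.NMS, nms, fourA));
    }
}
```

With the sources pointed at the 4A management system an outage denies every login, whereas pointing them at the network management system keeps logins working as long as the secure data at the two ends has been kept consistent.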
In addition, one RMI interface that the network management system provides to the 4A management system is as follows:
(Interface listing: figures GDA00003096196900111 and GDA00003096196900121.)
This RMI interface provides remote invocation for user management only. When the 4A management system implements the authentication and authorization functions, the RMI interface can be extended by adding remote invocation functions for roles and permissions to the above definition.
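As an added Java example (not the interface from the patent, and not the project's own code), the following models the user-management behaviour described earlier with a hypothetical `UserAdmin` remote interface: switching the management source locks the other end, the 4A side pulls a full copy when notified, and each 4A write goes to its local database first and is rolled back if the remote call fails. All class, method and account names are assumptions, and the two systems run in one process instead of over an RMI registry.

```java
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.util.HashMap;
import java.util.Map;

public class ManagedSourceDemo {
    enum Source { NMS, FOUR_A }

    /** Hypothetical user-management remote interface (names are assumptions). */
    interface UserAdmin extends Remote {
        Map<String, String> exportUsers() throws RemoteException;
        void putUser(String account, String role) throws RemoteException;
    }

    /** Network management system: holds the data and decides who may write. */
    static class Nms implements UserAdmin {
        private final Map<String, String> db = new HashMap<>();
        private Source source = Source.NMS;

        /** Changing the source locks the other end before any data moves. */
        synchronized void switchTo(Source next, FourA fourA) throws RemoteException {
            source = next;
            if (next == Source.FOUR_A) fourA.onSwitchNotice(this); // 4A pulls a full copy
        }
        synchronized void localPut(String account, String role) {
            if (source != Source.NMS) throw new IllegalStateException("locked: 4A is the management source");
            db.put(account, role);
        }
        @Override public synchronized Map<String, String> exportUsers() {
            return new HashMap<>(db);
        }
        @Override public synchronized void putUser(String account, String role) throws RemoteException {
            if (source != Source.FOUR_A) throw new RemoteException("rejected: NMS is the management source");
            db.put(account, role);
        }
    }

    /** 4A management system: its own database plus a handle to the NMS interface. */
    static class FourA {
        private final Map<String, String> db = new HashMap<>();
        private UserAdmin nms;

        void onSwitchNotice(UserAdmin remote) throws RemoteException {
            nms = remote;
            db.clear();
            db.putAll(remote.exportUsers()); // both ends now hold the same data
        }
        /** Local write first, then the remote call; undo the local write on failure. */
        boolean putUser(String account, String role) {
            if (nms == null) return false; // never notified, nothing to write through to
            boolean existed = db.containsKey(account);
            String previous = db.put(account, role);
            try {
                nms.putUser(account, role);
                return true;
            } catch (RemoteException e) {
                if (existed) db.put(account, previous); else db.remove(account);
                return false;
            }
        }
        Map<String, String> view() { return new HashMap<>(db); }
    }

    public static void main(String[] args) throws RemoteException {
        Nms nms = new Nms();
        FourA fourA = new FourA();
        nms.localPut("alice", "browse");             // constructed sample accounts
        nms.switchTo(Source.FOUR_A, fourA);          // NMS locked, 4A synchronized
        System.out.println("4A write accepted: " + fourA.putUser("bob", "modify"));
        try {
            nms.localPut("carol", "browse");
        } catch (IllegalStateException e) {
            System.out.println("NMS local write refused: " + e.getMessage());
        }
        nms.switchTo(Source.NMS, fourA);             // 4A may no longer set data
        System.out.println("4A write accepted: " + fourA.putUser("dave", "modify"));
        System.out.println("ends consistent: " + fourA.view().equals(nms.exportUsers()));
    }
}
```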
Corresponding to the above method embodiments, the present invention also provides system embodiments.
Fig. 6 is a structural diagram of a system for ensuring data consistency between the network management system and the 4A management system according to an embodiment of the present invention.
The system mainly comprises a network management system 61 and a 4A management system 62, wherein the network management system 61 mainly comprises:
Secure data database 611, used to store secure data;
RMI interface 612, used to provide remote methods to the 4A management system. Through this interface the 4A management system calls the remote methods provided by the network management system to obtain the secure data of the network management system, and sets the results of operations on its own secure data to the network management system.
The network management system 61 can also comprise:
Secure data administration module 613, used, when management of the secure data is switched to the 4A management system, to lock the permission to operate on secure data in the network management system and to send a notification message to the 4A management system, notifying it to obtain the secure data of the network management system through the RMI interface and complete synchronization of the secure data.
The secure data administration module 613 is also used, when management of the secure data is switched to the network management system, first to forbid the 4A management system from setting the secure data of the network management system through the RMI interface and to enable its own permission to operate on secure data, and then to operate on its own secure data and set the operation results in the local secure data database.
The network management system 61 can also comprise:
Authentication/authorization module 614, used to determine the authentication/authorization source. If the network management system performs authentication/authorization, it is performed inside the network management system; if the 4A management system performs authentication/authorization, the module calls the authentication/authorization interface provided by the 4A management system, authentication/authorization is performed in the 4A management system, and the module receives the authentication/authorization result returned by the 4A management system.
The network management system 61 can also comprise:
Client 615, used to set the secure data management source, the authentication source and the authorization source.
The 4A management system 62 mainly comprises:
Secure data database 621, used to store secure data;
Secure data administration module 622, used to call remote methods through the RMI interface provided by the network management system to obtain the secure data of the network management system, and to set the results of operations on its own secure data to the network management system.
The 4A management system 62 can also comprise:
Authentication/authorization interface 623 and authentication/authorization module 624. The authentication/authorization module performs authentication/authorization locally and returns the authentication/authorization result to the network management system through the authentication/authorization interface.
In summary, the network management system 61 mainly provides the RMI interface 612 to the 4A management system 62. Through this interface the 4A management system 62 can obtain the secure data of the network management system 61 to synchronize data, and can set the results of operations on the secure data database 621 into the secure data database 611 of the network management system 61, so that the data at the two ends is kept consistent in real time. The 4A management system 62 mainly provides the authentication/authorization interface 623 to the network management system 61, and the network management system 61 can call this interface to have authentication/authorization performed in the 4A management system 62.
The present invention can treat the 4A management system as a client of the network management system. The RMI interface between the client and the server (that is, the network management system) already exists and can be used directly with essentially no modification. The invention is therefore simple to implement, efficient and reliable, and it reduces the cost of development, equipment investment and maintenance, while avoiding the data inconsistency conflict caused by switching the management source while secure data is being modified.
The embodiments in this specification are described progressively: each embodiment emphasizes its differences from the others, and identical or similar parts can be found by cross-reference between embodiments. Because the system embodiments are substantially similar to the method embodiments, they are described briefly; for the relevant parts, see the description of the method embodiments.
The method and system for ensuring data consistency between a network management system and a safety management system, and the network management system, provided by the present invention have been described in detail above. Specific examples are used herein to set out the principle and embodiments of the invention, and the description of the above embodiments is only intended to help in understanding the method of the invention and its core idea. At the same time, a person of ordinary skill in the art may, following the idea of the invention, make changes to the specific embodiments and the scope of application. In summary, the content of this description should not be construed as limiting the present invention.

Claims (13)

1. A method for ensuring data consistency between a network management system and a safety management system, characterized by comprising:
setting an RMI interface in the network management system and providing remote methods through this interface;
the safety management system obtaining the secure data of the network management system by calling the remote methods provided by the network management system, and setting the results of operations on its own secure data to the network management system;
wherein the safety management system obtaining the secure data of the network management system by calling the remote methods provided by the network management system comprises:
when management of the secure data is switched to the safety management system, locking the permission to operate on secure data in the network management system;
the network management system notifying the safety management system to call the remote method provided by the network management system, obtain the secure data of the network management system, and synchronize it with its own secure data.
2. The method according to claim 1, characterized in that the safety management system setting the results of operations on its own secure data to the network management system by calling the remote methods provided by the network management system comprises:
when the safety management system operates on its own secure data, first setting the operation result in its local database, and then calling the remote method provided by the network management system to set the operation result in the database of the network management system.
3. The method according to claim 2, characterized in that:
when the safety management system sets the operation result in the database of the network management system and the setting fails, the safety management system rolls back the setting in its own database.
4. The method according to any one of claims 1 to 3, characterized by further comprising:
when management of the secure data is switched to the network management system, first forbidding the safety management system from calling remote methods to set the secure data of the network management system, and enabling the network management system's own permission to operate on secure data;
the network management system then operating on its own secure data and setting the operation results in its local database.
5. The method according to claim 1, characterized by further comprising:
the network management system determining the authentication/authorization source; if the network management system performs authentication/authorization, performing it inside the network management system; if the safety management system performs authentication/authorization, calling the authentication/authorization interface provided by the safety management system, performing authentication/authorization in the safety management system, and returning the authentication/authorization result to the network management system.
6. The method according to claim 1 or 5, characterized by further comprising:
setting the secure data management source, the authentication source and the authorization source through the client of the network management system.
7. A network management system, characterized by comprising:
a secure data database, used to store secure data;
an RMI interface, used to provide remote methods to a safety management system, wherein through this interface the safety management system calls the remote methods provided by the network management system to obtain the secure data of the network management system, and sets the results of operations on its own secure data to the network management system;
a secure data administration module, used, when management of the secure data is switched to the safety management system, to lock the permission to operate on secure data in the network management system and to send a notification message to the safety management system, notifying the safety management system to obtain the secure data of the network management system through the RMI interface and complete synchronization of the secure data.
8. The network management system according to claim 7, characterized in that:
the secure data administration module is also used, when management of the secure data is switched to the network management system, first to forbid the safety management system from setting the secure data of the network management system through the RMI interface and to enable its own permission to operate on secure data, and then to operate on its own secure data and set the operation results in the local secure data database.
9. The network management system according to claim 7, characterized by further comprising:
an authentication/authorization module, used to determine the authentication/authorization source; if the network management system performs authentication/authorization, it is performed inside the network management system; if the safety management system performs authentication/authorization, the module calls the authentication/authorization interface provided by the safety management system, authentication/authorization is performed in the safety management system, and the module receives the authentication/authorization result returned by the safety management system.
10. The network management system according to claim 7 or 9, characterized by further comprising:
a client, used to set the secure data management source, the authentication source and the authorization source.
11. A system for ensuring data consistency between a network management system and a safety management system, comprising the network management system and the safety management system, characterized in that:
the network management system comprises:
a secure data database, used to store secure data;
an RMI interface, used to provide remote methods to the safety management system;
the safety management system comprises:
a secure data database, used to store secure data;
a secure data administration module, used to call remote methods through the RMI interface provided by the network management system to obtain the secure data of the network management system, and to set the results of operations on its own secure data to the network management system;
the network management system further comprises:
a secure data administration module, used, when management of the secure data is switched to the safety management system, to lock the permission to operate on secure data in the network management system and to send a notification message to the safety management system;
the secure data administration module of the safety management system then, according to the notification message, obtains the secure data of the network management system through the RMI interface and completes synchronization of the secure data.
12. The system according to claim 11, characterized in that:
the secure data administration module of the network management system is also used, when management of the secure data is switched to the network management system, first to forbid the safety management system from setting the secure data of the network management system through the RMI interface and to enable its own permission to operate on secure data, and then to operate on its own secure data and set the operation results in the local secure data database.
13. The system according to claim 11, characterized in that:
the network management system further comprises:
an authentication/authorization module, used to determine the authentication/authorization source; if the network management system performs authentication/authorization, it is performed inside the network management system; if the safety management system performs authentication/authorization, the module calls the authentication/authorization interface provided by the safety management system and authentication/authorization is performed in the safety management system;
the safety management system further comprises:
an authentication/authorization interface and an authentication/authorization module, the authentication/authorization module being used to perform authentication/authorization locally and to return the authentication/authorization result to the network management system through the authentication/authorization interface.
Application CN201010034320.0A, priority date 2010-01-15, filing date 2010-01-15, status Active, granted as CN102130777B (en): Network management system and method for ensuring consistency with data of safety management system

Publications (2)

Publication Number, Publication Date
CN102130777A, 2011-07-20
CN102130777B, 2013-08-21

Family ID: 44268677
Country: CN