CN102622550A - Safe online patch check system facing terminal computers - Google Patents
Safe online patch check system facing terminal computers Download PDFInfo
- Publication number
- CN102622550A CN102622550A CN2012101013264A CN201210101326A CN102622550A CN 102622550 A CN102622550 A CN 102622550A CN 2012101013264 A CN2012101013264 A CN 2012101013264A CN 201210101326 A CN201210101326 A CN 201210101326A CN 102622550 A CN102622550 A CN 102622550A
- Authority
- CN
- China
- Prior art keywords
- patch
- central computer
- computer
- module
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a safe online patch check system facing terminal computers. The system checks all terminal computers online on a central computer in a concentration way, and all the computers are connected together through a network; the system comprises an online check tool, an encapsulation module and a central computer, wherein the encapsulation module is used for packing the online check tool to be in a CAB (Computer Address Bus) packet form and stores a CAB packet on the central computer, the central computer embeds the CAB packet in an IE browser, and terminal computers download the CAB packet from the central computer through the IE browser and automatically install the CAB packet; and all latest patch packet and patch information are stored on the central computer. The system disclosed by the invention encapsulates the check tool to be in the CAB packet form and embeds the CAB packet in the IE browser, thereby avoiding the defect of checking each terminal computer onsite in the prior art and releasing the manpower, and the system can finish all expected check items at one time and finally realize the central online check of all the terminal computers in the network through one central computer, thereby improving the check efficiency.
Description
Technical field
The present invention relates to a kind of patch safety On line inspection system of terminaloriented computing machine, belong to computer security technique inspection field.
Background technology
In large-scale network system, generally including a large amount of various network equipment, for example gateway, router and service is provided, moves server, the client computer of various application programs to the user.Equipment, service, application program, server, client computer and user, even the relation between them all is the object that needs management.Internal height in this large scale network system is complicated, causes managing unusual difficulty, and the management cycle is tediously long, and along with the expansion of system scale, the expense of management also exponentially rule increases.
The outburst of extensive worm-type virus each time, all reminds people will be thought of danger in times of safety, and accomplishes fluently patch, carries out prevention work---and patch more and more becomes an important step of safety management.The continuous change and progress of hacking technique, the time of leaving the keeper for will be fewer and feweri, and patch greatly protecting network and its secret of being carried were installed in the shortest time, also can make still less user avoid the invasion and attack of worm simultaneously.For the numerous user of machine, numerous and diverse manual patch is installed the management that can not adapt to large scale network far away, must rely on new technological means to realize the patch auto-mending to operating system.Therefore, how utilizing the effective technology means to come timely, lasting, stable installation computing machine patch, is the problem that all-network safety manager, information security managerial decision personnel need solution badly.
General operation at present is to utilize independently object is used as at each terminal, manually carries out the related management of patch for each terminal computer, but it is huger to work as network, when number of computers and amount of software are more, and complex management.Simultaneously also not enough real-time has improved the risk of computer security.Even utilize the manual administration patch information also to need the certain computer major technical know-how of user's needs to use, and be provided with loaded down with trivial detailsly, be unfavorable for user's operation.
Summary of the invention
Technology of the present invention is dealt with problems: overcome the deficiency of prior art, a kind of patch safety On line inspection system of terminaloriented computing machine is provided, this system can online in real time concentrate the patch distribution to all terminal computers.
Technical solution of the present invention: the patch safety On line inspection system of terminaloriented computing machine, online on a central computer all terminal computers are concentrated inspection, connect through network between all computing machines; Described system is included in ray examination instrument, package module and central computer; Package module is packaged into the form of CAB bag with the On line inspection instrument and is stored on the central computer; Central computer embeds the IE browser with the CAB bag, and terminal computer is downloaded this CAB through the IE browser from central computer and wrapped and install automatically; All up-to-date service packs and patch informations of storage on the central computer; Said On line inspection instrument comprises tactful customized module, uniform data interface module, patch parsing module, enquiry module and download distribution module;
The user initiates the instruction of patch safety On line inspection through the input of the IE browser on the central computer to every station terminal computing machine, and described patch safety On line inspection instruction comprises online update instruction, patch type and latest edition this shop; CAB bag on every station terminal computing machine starts inspection according to the online updating instruction that receives, and is specific as follows:
The uniform data interface module receives the instruction of patch safety On line inspection through the IE browser, starts the patch parsing module; Instruction parses patch type and latest edition this shop to the patch parsing module according to patch safety On line inspection; And from tactful customized module, obtain the current patch classification of local computer and patch release number, the two is compared, if the current patch release of local computer number less than latest edition this shop, then is sent to the download distribution module with the patch classification; The download distribution module is obtained the corresponding service packs of this patch classification according to the patch classification that receives, and downloads and installs, and state and result after installing are fed back to the patch parsing module; The patch parsing module is according to feedback result, and when installing successfully, the latest edition this shop that the service packs of installing is corresponding passes to tactful customized module; If failure is installed, then download and install again, if in preset number of times restriction, failure is installed always, then notify enquiry module that failure information is shown; Current patch classification and the patch release of storage local computer number in the strategy customized module; And the latest edition this shop that receives and current patch release number compared; When current patch release during number smaller or equal to latest edition this shop, upgrade current patch release number with latest edition this shop; Otherwise, call enquiry module current patch release number shown greater than latest edition this shop.
Described tactful customized module is also stored the current patch sense cycle of local computer; Terminal computer is initiatively initiated the patch renewal through the uniform data interface module according to the patch sense cycle and is applied for that to central computer central computer is sent to this terminal computer with this patch type and latest edition this shop.
The concrete performing step of described download distribution module is following:
(1) the patch classification of the needs renewal of reception patch parsing module transmission is sent to central computer with this patch classification information;
(2) central computer obtains the connected state between the central computer and each terminal computer in the network through Ping order;
(3) central computer sends the network state query statement through the IE browser; The uniform data interface module of corresponding terminal computing machine is obtained this instruction from the IE browser and is sent to the download distribution module; The download distribution module is obtained the connection status with other terminal computer, and the information of obtaining is back to central computer through the uniform data interface module;
(4) central computer is set up a set according to the status information that receives, and as starting point, the state of the terminal computer that traversal is attached thereto is with the corresponding relation that shows between the good computing machine of connected state with central computer in this set<v
i, V
j>Depositing in this set, is in 500 milliseconds the time when the response time of central computer and terminal computer, good connection between expression central computer and the terminal, on the contrary represent that the two connection status for blocking, blocks terminal computer accordingly and be designated as V
kWherein, V
i(i=1) represent central computer, V
j(j ≠ 1) representative and the good terminal computer of central computer connected state;
(5) definite a certain station terminal computing machine V that blocks with central computer in set
KmCorresponding relation, specific as follows:
(5.1) a certain station terminal computing machine V that blocks with central computer in the obtaining step (4)
KmWith the V in step (4) set
jBetween connection state information, if there is the computing machine of good connection, then with the shortest V of response time in the connection state information
jWith corresponding V
KmCorresponding relation<v
j, V
Km>Deposit in the set; If V
jIn do not exist and this station terminal computing machine V
KmThe computing machine of good connection then changes step (5.2);
(5.2) obtain and this station terminal computing machine V
KmThe terminal computer V that other of good connection and central computer block
KnWill<v
Kn, V
Km>Deposit this set in, change (5.3);
(5.3) obtain terminal computer V
KnWith the V in step (4) set
jBetween connection state information, if there is the computing machine of good connection, then with the shortest V of response time in the connection state information
jWith corresponding V
KnCorresponding relation<v
j, V
Kn>Deposit in the set; If there is not the computing machine of good connection, then deletion from set<v
Kn, V
Km>, will<v
1, V
Km>Deposit in the set;
(6) terminal computer that all and central computer block to other is handled according to step (5);
(7) central computer is according to the content in the set; Through IE browser send state information and corresponding service packs; The uniform data interface module that is connected good terminal computer with central computer is obtained status information and service packs from the IE browser, judges whether status information need be forwarded to this service packs other terminal computer.If need, then service packs is forwarded to other terminal computer, and corresponding service packs is installed, return results is given the patch parsing module.
The present invention's advantage compared with prior art is:
(1) system of the present invention through checking tool being packaged into CAB bag form and embed in the IE browser, every station terminal computing machine all being needed to avoid at present the defective of site inspection, liberated manpower; Can disposable completion the project of all expectation inspections, and realize that finally a central computer concentrates on ray examination to all terminal computers in the network, has improved checking efficiency.
(2) system of the present invention provides patch active agency forwarding capability, improves patch and issues efficient, reduces the occupancy of the network bandwidth, saves Internet resources.Can be at the appointed time, (as push away, draw) distribution patch by different way in the specified network scope, perhaps according to the unified control of script strategy client downloads patch.When system monitoring to client being arranged not during patch installing, can push patch to no marking patch client.
(2) system of the present invention provides patch active agency forwarding capability, has improved patch and has issued efficient, has reduced the occupancy of the network bandwidth, has saved Internet resources.Can carry out the propelling movement of patch with the mode of transmitting, and reduce the load factor of central computer according to network-in-dialing state between each node in the current network, guaranteed central computer efficient orderly carry out work.
(3) the present invention can react the patch state that each client is a terminal computer timely, and when state changed, in time return state information was reminded the user, makes computing machine be in all the time in the safe environment.
Description of drawings
Fig. 1 is the system assumption diagram of system of the present invention;
Fig. 2 is the uniform data interface module implementation procedure synoptic diagram in the system of the present invention;
Fig. 3 is the enquiry module implementation procedure synoptic diagram in the system of the present invention;
Fig. 4 is the patch parsing module implementation procedure synoptic diagram in the system of the present invention;
Fig. 5 is a download distribution module implementation procedure synoptic diagram.
Embodiment
Below in conjunction with accompanying drawing the present invention is elaborated
As shown in Figure 1, online on a central computer all terminal computers are concentrated inspection, connect through network between all computing machines; Described system is included in ray examination instrument, package module and central computer; Package module is packaged into the CAB packet form with the On line inspection instrument and is stored on the central computer; Central computer embeds IE browser (can adopt the com technology to realize embedding) with the CAB bag, and terminal computer is downloaded this CAB bag and automatic the installation through the IE browser from central computer; All up-to-date service packs and patch informations of storage on the central computer; Said On line inspection instrument comprises tactful customized module, uniform data interface module, patch parsing module, enquiry module and download distribution module;
When concentrating when every station terminal computer carried out patch inspection, distribution; The user initiates the instruction of patch safety On line inspection through the input of the IE browser on the central computer to every station terminal computer, and described patch safety On line inspection instruction comprises online update instruction, patch type and latest edition this shop; CAB bag on every station terminal computer starts inspection based on the online updating instruction that receives, and is specific as follows:
The uniform data interface module receives the instruction of patch safety On line inspection through the IE browser, starts the patch parsing module;
Instruction parses patch type and latest edition this shop to the patch parsing module according to patch safety On line inspection; And from tactful customized module, obtain the current patch classification of local computer and patch release number, the two is compared, if the current patch release of local computer number less than latest edition this shop, then is sent to the download distribution module with the patch classification;
The download distribution module is obtained the corresponding service packs of this patch classification according to the patch classification that receives, and downloads and installs, and state and result after installing are fed back to the patch parsing module; The patch parsing module is according to feedback result, and when installing successfully, the latest edition this shop that the service packs of installing is corresponding passes to tactful customized module; If failure is installed, then download and install again, if in preset number of times restriction, failure is installed always, then notify enquiry module that failure information is shown;
Current patch classification and the patch release of storage local computer number in the strategy customized module; And the latest edition this shop that receives and current patch release number compared; When current patch release during number smaller or equal to latest edition this shop, upgrade current patch release number with latest edition this shop; Otherwise, call enquiry module current patch release number shown greater than latest edition this shop.
When terminal computer need carry out the renewal of active patch; Then can in tactful customized module, store the current patch sense cycle of local computer; Terminal computer is initiatively initiated the patch renewal through the uniform data interface module according to the patch sense cycle and is applied for to central computer; Central computer is sent to this terminal computer with this patch type and latest edition this shop with instruction type, and the patch parsing module of terminal computer and other modules are carried out patch according to the method for above-mentioned concentrated inspection and upgraded.
Central computer can also send the patch query statement through the IE browser; The uniform data interface module of corresponding terminal computing machine is obtained this instruction from the IE browser and is sent to enquiry module; The corresponding information that enquiry module is stored in the acquisition strategy customized module from tactful customized module; And the information of obtaining is back to central computer through the uniform data interface module, show by central computer.
Introduce the implementation procedure of each module below in detail.
(1) download distribution module
For the patch that improves download distribution issues efficient, reduce network bandwidth occupation rate and save Internet resources, the method concrete steps are as shown in Figure 5:
(1) the patch classification of the needs renewal of reception patch parsing module transmission is sent to central computer with this patch classification information;
(2) central computer sends the Ping order to each terminal computer through application programming interfaces API; Terminal computer is through after receiving this Ping order; Operating system is returned an information that receives to central computer; Central computer is confirmed the network-in-dialing state between central computer and each terminal computer according to the time interval that issues commands to the information of receiving.
(3) central computer sends the network state query statement through the IE browser; The uniform data interface module of corresponding terminal computing machine is obtained this instruction from the IE browser and is sent to the download distribution module; The download distribution module is obtained the connection status with other terminal computer, and the information of obtaining is back to central computer through the uniform data interface module.
Suppose that a station terminal computer is designated as the A computer and obtains the network state query statement from the IE browser; The A computer based is sent the Ping order to all terminal computers that link to each other with the A computer in this network state query statement through application programming interfaces API; The A computer based is confirmed the network-in-dialing state of coupled all terminal computers of A computer in the time interval that issues commands to the information of receiving, and the download distribution module on the A computer is sent to central computer with above-mentioned status information through the uniform data interface module;
(4) central computer is set up a set according to the status information that receives, and as starting point, the state of the terminal computer that traversal is attached thereto is with the corresponding relation that shows between the good computing machine of connected state with central computer in this set<v
i, V
j>Deposit in this set; The response time (being status information) of general central computer and terminal computer is in 500 milliseconds the time; Good connection between expression central computer and the terminal, on the contrary represent that the two connection status is to block, and blocks terminal computer accordingly and is designated as V
kWherein, V
i(i=1) represent central computer, V
j(j ≠ 1) representative and the good terminal computer of central computer connected state;
(5) definite a certain station terminal computing machine V that blocks with central computer in set
KmCorresponding relation, specific as follows:
(5.1) a certain station terminal computing machine V that blocks with central computer in the obtaining step (4)
KmWith the V in step (4) set
jBetween connection state information, if there is the computing machine of good connection, then with the shortest V of response time in the connection state information
jWith corresponding V
KmCorresponding relation<v
j, V
Km>Deposit in the set; If V
jIn do not exist and this station terminal computing machine V
KmThe computing machine of good connection then changes step (5.2);
(5.2) obtain and this station terminal computing machine V
KmThe terminal computer V that other of good connection and central computer block
KnWill<v
Kn, V
Km>Deposit this set in, change (5.3);
(5.3) obtain terminal computer V
KnWith the V in step (4) set
jBetween connection state information, if there is the computing machine of good connection, then with the shortest V of response time in the connection state information
jWith corresponding V
KnCorresponding relation<v
j, V
Kn>Deposit in the set; If there is not the computing machine of good connection, then deletion from set<v
Kn, V
Km>, will<v
1, V
Km>Deposit in the set;
(6) terminal computer that all and central computer block to other is handled according to step (5);
(7) central computer is according to the content in the set; Through IE browser send state information and corresponding service packs; The uniform data interface module that is connected good terminal computer with central computer is obtained status information and service packs from the IE browser, judges whether status information need be forwarded to this service packs other terminal computer.If need, then service packs is forwarded to other terminal computer, and corresponding service packs is installed, return results is given the patch parsing module.
For example: the content in the set
<V
1,V
2>
<V
1,V
3>
<V
1,V
5>
<V
1,V
7>
......
<V
2,V
4>
<V
3,V
6>
......
Then, central computer need be through IE browser send state information and corresponding service packs, terminal computer V
2, V
3To the service packs that receive be transmitted to the V that blocks with central computer according to status information
4, V
6
(8) information returned according to each terminal of central computer is judged the whether installation of each terminal.
(2) patch parsing module
This module implementation procedure is as shown in Figure 4.
(1) instruction parses patch type and latest edition this shop to the patch parsing module according to patch safety On line inspection;
(2) from tactful customized module, obtain current patch classification of local computer and patch release number, the two is compared,, change step (3) if the current patch release of local computer number less than latest edition this shop, then is sent to the download distribution module with the patch classification; Otherwise, do not handle process ends;
(3) receive installment state and the result that the download distribution module is returned, when the result shows when installing successfully, the latest edition this shop and the set-up time of the service packs correspondence of installation are passed to tactful customized module; Start the download distribution module and download and install again when failure is installed when the result shows,, then notify enquiry module that failure information is shown and point out and restart computing machine if in preset number of times restriction, failure is installed always.Above-mentioned preset number of times is generally 2 times, also can be repeatedly.
(3) tactful customized module
The content of storing in the strategy customized module (for example can comprise the patch classification; System mend, IE patch, application program patch etc.), patch release number, patch set-up time, patch sense cycle, type of operating system etc.; Its content can require to expand according to reality, can adopt form or ini file form.
For example adopt the INI form:
[patch release]
Version=v1.6.0.8
[patch classification]
Classification 1=system mend
Classification 2=IE patch
[patch sense cycle]
Time=10 (the acquiescence unit is the sky)
[operating system]
operating?systems=Windows?XP
...
(4) enquiry module
This module implementation procedure is as shown in Figure 3
(1) receive the patch query statement import into, resolve the querying condition of instruction representative, for example: patch type, patch release number, the patch set-up time etc., call the uniform data interface module according to these conditions and obtain this category information from tactful customized module.
(2) create chained list, the information that inquires is deposited in the chained list total amount of recorded information.If the patch of inquiry does not exist, there is not or does not exist this patch in the condition of then returning inquiry.
(5) uniform data interface module
The uniform data interface module is as shown in Figure 2; The data of other module transmission of main effect receiving center computing machine or terminal computer; Data are encoded according to rule, can data be sent to a corresponding end, for example IP address: 192.168.0.119 etc. according to the IP address.
The uniform data interface module realizes the unified data interface through utilizing ripe JSON technology.
(6) package module
Package module is packaged into the form that CAB wraps with the On line inspection instrument, and concrete steps are following:
(1) utilize makecert.exe to make digital signature
◆ get into system doc interface, the catalogue of input command cd makecert.exe is pressed enter key.For example: cd C:/makeCab
◆ input command, command format is following: makecert-sv-n-ss-r-b-e.For example: makecert
-sv?dsoframer.pvk-n“CN=XXXX”-ss?My-r-b?01/01/1900-e01/01/9999
-sv dsoframer.pvk the meaning is to generate a private spoon file dsoframer.pvk
-n " CN=XXXX " " XXXX " wherein is exactly the proprietary name of certificate that shows in the signature.
-ss My specifies the certificate after generating to be kept in the personal certificate
-r means that certificate is that oneself is presented to oneself.
-b 01/01/2009 specifies the term of validity from date of certificate, and form is the moon/day/year, and minimum is 1900 years
-e 01/01/2018 specifies the expiration of limitation period date of certificate, and form is the same.
◆ open IE " internet option ", switch to " content " label, click " certificate " button and " choose " XXXX " be exactly the certificate that generates, " derivation " is dsoframer.cer it,
(2) set up the inf file, operation IEXPRESS.EXE chooses " create new explaining by oneself and compress command file "; Get into next step; Choose " only creating compressed file (ActiveX installation) ", get into the DLL (if any) that next step program of using comprises routine call and add to advance in the tabulation, press config option after; With regard to continuity point " next step ", promptly generate dsoframer.CAB.
(3) operation signcode.exe selects dsoframer.CAB, and " signature type " in " signature option " selected " self-defined (C) "; The certificate file dsoframer.cer that the first step derived above next step " was selected from file ", the dsoframer.pvk file of next step the selected first step generation of private spoon gets into then and describes again; Note; Among the figure " describe (optional) ": write corresponding descriptive statement as required in the input frame down, click " next step ", until the signature completion.
(4) ready-made CAB bag is embedded into webpage.
Applicating example: software of the present invention and method have been successfully applied to the online censorship process of space flight institute computing machine, have completed successfully the task of more than 1000 computing machine of as many as online censorship simultaneously.Proved that software has short, maintainable good, open interface, perfect debug function and be easy to the advantage using and manage flexibly of construction cycle.
The part that the present invention does not describe in detail belongs to techniques well known.
Claims (3)
1. the patch safety On line inspection system of terminaloriented computing machine is characterized in that: online on a central computer all terminal computers are concentrated inspection, connect through network between all computing machines; Described system is included in ray examination instrument, package module and central computer; Package module is packaged into the form of CAB bag with the On line inspection instrument and is stored on the central computer; Central computer embeds the IE browser with the CAB bag, and terminal computer is downloaded this CAB through the IE browser from central computer and wrapped and install automatically; All up-to-date service packs and patch informations of storage on the central computer; Said On line inspection instrument comprises tactful customized module, uniform data interface module, patch parsing module, enquiry module and download distribution module;
The user initiates the instruction of patch safety On line inspection through the input of the IE browser on the central computer to every station terminal computing machine, and described patch safety On line inspection instruction comprises online update instruction, patch type and latest edition this shop; CAB bag on every station terminal computing machine starts inspection according to the online updating instruction that receives, and is specific as follows:
The uniform data interface module receives the instruction of patch safety On line inspection through the IE browser, starts the patch parsing module; Instruction parses patch type and latest edition this shop to the patch parsing module according to patch safety On line inspection; And from tactful customized module, obtain the current patch classification of local computer and patch release number, the two is compared, if the current patch release of local computer number less than latest edition this shop, then is sent to the download distribution module with the patch classification; The download distribution module is obtained the corresponding service packs of this patch classification according to the patch classification that receives, and downloads and installs, and state and result after installing are fed back to the patch parsing module; The patch parsing module is according to feedback result, and when installing successfully, the latest edition this shop that the service packs of installing is corresponding passes to tactful customized module; If failure is installed, then download and install again, if in preset number of times restriction, failure is installed always, then notify enquiry module that failure information is shown; Current patch classification and the patch release of storage local computer number in the strategy customized module; And the latest edition this shop that receives and current patch release number compared; When current patch release during number smaller or equal to latest edition this shop, upgrade current patch release number with latest edition this shop; Otherwise, call enquiry module current patch release number shown greater than latest edition this shop.
2. the patch safety On line inspection system of terminaloriented computing machine according to claim 1; It is characterized in that: described tactful customized module is also stored the current patch sense cycle of local computer; Terminal computer is initiatively initiated the patch renewal through the uniform data interface module according to the patch sense cycle and is applied for that to central computer central computer is sent to this terminal computer with this patch type and latest edition this shop.
3. the patch safety On line inspection system of terminaloriented computing machine according to claim 1, it is characterized in that: the concrete performing step of described download distribution module is following:
(1) the patch classification of the needs renewal of reception patch parsing module transmission is sent to central computer with this patch classification information;
(2) central computer obtains the connected state between the central computer and each terminal computer in the network through Ping order;
(3) central computer sends the network state query statement through the IE browser; The uniform data interface module of corresponding terminal computing machine is obtained this instruction from the IE browser and is sent to the download distribution module; The download distribution module is obtained the connection status with other terminal computer, and the information of obtaining is back to central computer through the uniform data interface module;
(4) central computer is set up a set according to the status information that receives, and as starting point, the state of the terminal computer that traversal is attached thereto is with the corresponding relation that shows between the good computing machine of connected state with central computer in this set<v
i, V
j>Depositing in this set, is in 500 milliseconds the time when the response time of central computer and terminal computer, good connection between expression central computer and the terminal, on the contrary represent that the two connection status for blocking, blocks terminal computer accordingly and be designated as V
kWherein, V
i(i=1) represent central computer, V
j(j ≠ 1) representative and the good terminal computer of central computer connected state;
(5) definite a certain station terminal computing machine V that blocks with central computer in set
KmCorresponding relation, specific as follows:
(5.1) a certain station terminal computing machine V that blocks with central computer in the obtaining step (4)
KmWith the V in step (4) set
jBetween connection state information, if there is the computing machine of good connection, then with the shortest V of response time in the connection state information
jWith corresponding V
KmCorresponding relation<v
j, V
Km>Deposit in the set; If V
jIn do not exist and this station terminal computing machine V
KmThe computing machine of good connection then changes step (5.2);
(5.2) obtain and this station terminal computing machine V
KmThe terminal computer V that other of good connection and central computer block
KnWill<v
Kn, V
Km>Deposit this set in, change (5.3);
(5.3) obtain terminal computer V
KnWith the V in step (4) set
jBetween connection state information, if there is the computing machine of good connection, then with the shortest V of response time in the connection state information
jWith corresponding V
KnCorresponding relation<v
j, V
Kn>Deposit in the set; If there is not the computing machine of good connection, then deletion from set<v
Kn, V
Km>, will<v
1, V
Km>Deposit in the set;
(6) terminal computer that all and central computer block to other is handled according to step (5);
(7) central computer is according to the content in the set; Through IE browser send state information and corresponding service packs; The uniform data interface module that is connected good terminal computer with central computer is obtained status information and service packs from the IE browser, judges whether status information need be forwarded to this service packs other terminal computer.If need, then service packs is forwarded to other terminal computer, and corresponding service packs is installed, return results is given the patch parsing module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210101326.4A CN102622550B (en) | 2012-04-06 | 2012-04-06 | Safe online patch check system facing terminal computers |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210101326.4A CN102622550B (en) | 2012-04-06 | 2012-04-06 | Safe online patch check system facing terminal computers |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102622550A true CN102622550A (en) | 2012-08-01 |
| CN102622550B CN102622550B (en) | 2015-04-22 |
Family
ID=46562465
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210101326.4A Active CN102622550B (en) | 2012-04-06 | 2012-04-06 | Safe online patch check system facing terminal computers |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102622550B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105260214A (en) * | 2015-11-03 | 2016-01-20 | 用友网络科技股份有限公司 | Intelligent patch pushing method and system applied to complex ERP system |
| CN105302606A (en) * | 2015-11-03 | 2016-02-03 | 用友网络科技股份有限公司 | Project permission based patch downloading method and system |
| CN106610857A (en) * | 2016-12-23 | 2017-05-03 | 上海优刻得信息科技有限公司 | Hot patch information inquiring method and device |
| CN107066247A (en) * | 2016-12-29 | 2017-08-18 | 世纪龙信息网络有限责任公司 | Patch querying method and device |
| CN107408184A (en) * | 2015-02-06 | 2017-11-28 | 霍尼韦尔国际公司 | Patch monitors and analysis |
| CN107481173A (en) * | 2017-09-05 | 2017-12-15 | 王东红 | A kind of Platform of Experimental Teaching experimental project update method and system |
| CN111857771A (en) * | 2020-06-29 | 2020-10-30 | 国网福建省电力有限公司 | Deep learning-based automatic operating system patch installation method and system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101119231A (en) * | 2007-07-19 | 2008-02-06 | 南京联创网络科技有限公司 | Method to centralized manage and automatic download mend of computer security leak base |
| US20080163196A1 (en) * | 2005-05-12 | 2008-07-03 | International Business Machines Corporation | Apparatus and method for automatically defining, deploying and managing hardware and software resources in a logically-partitioned computer system |
| US20110145803A1 (en) * | 2009-12-14 | 2011-06-16 | Soederstedt Torbjoern | Extension mechanism |
-
2012
- 2012-04-06 CN CN201210101326.4A patent/CN102622550B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080163196A1 (en) * | 2005-05-12 | 2008-07-03 | International Business Machines Corporation | Apparatus and method for automatically defining, deploying and managing hardware and software resources in a logically-partitioned computer system |
| CN101119231A (en) * | 2007-07-19 | 2008-02-06 | 南京联创网络科技有限公司 | Method to centralized manage and automatic download mend of computer security leak base |
| US20110145803A1 (en) * | 2009-12-14 | 2011-06-16 | Soederstedt Torbjoern | Extension mechanism |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107408184A (en) * | 2015-02-06 | 2017-11-28 | 霍尼韦尔国际公司 | Patch monitors and analysis |
| CN107408184B (en) * | 2015-02-06 | 2021-07-13 | 霍尼韦尔国际公司 | Patch monitoring and analysis |
| CN105260214A (en) * | 2015-11-03 | 2016-01-20 | 用友网络科技股份有限公司 | Intelligent patch pushing method and system applied to complex ERP system |
| CN105302606A (en) * | 2015-11-03 | 2016-02-03 | 用友网络科技股份有限公司 | Project permission based patch downloading method and system |
| CN105260214B (en) * | 2015-11-03 | 2018-12-18 | 用友网络科技股份有限公司 | Intelligent patch method for pushing and system applied to complicated ERP system |
| CN106610857A (en) * | 2016-12-23 | 2017-05-03 | 上海优刻得信息科技有限公司 | Hot patch information inquiring method and device |
| CN106610857B (en) * | 2016-12-23 | 2019-01-22 | 优刻得科技股份有限公司 | A kind of hot patch information query method and device |
| CN107066247A (en) * | 2016-12-29 | 2017-08-18 | 世纪龙信息网络有限责任公司 | Patch querying method and device |
| CN107481173A (en) * | 2017-09-05 | 2017-12-15 | 王东红 | A kind of Platform of Experimental Teaching experimental project update method and system |
| CN111857771A (en) * | 2020-06-29 | 2020-10-30 | 国网福建省电力有限公司 | Deep learning-based automatic operating system patch installation method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102622550B (en) | 2015-04-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102622550A (en) | Safe online patch check system facing terminal computers | |
| CN101194233B (en) | System and method of testing wireless component applications | |
| CN106936633B (en) | Application installation package manufacturing method and server | |
| CN103984573B (en) | The installation method and device of application program | |
| CN105099739B (en) | One kind being based on plug-in type software deployment method, apparatus and application server | |
| US10140103B2 (en) | POS application development method and cloud server | |
| CN105763369A (en) | Terminal equipment remote software version distribution method and system | |
| CN102609281B (en) | Distributed software patch update method and system | |
| CN104657174A (en) | Method and device for dynamically realizing application function | |
| CN104468843A (en) | File uploading method and device | |
| CN110138876B (en) | Task deployment method, device, equipment and platform | |
| CN109634612A (en) | Continuous integrating method, system, computer equipment and storage medium | |
| CN112437140B (en) | Method and device for remotely exporting TBOX log | |
| US20130152069A1 (en) | Method, apparatus and system for initiating terminal operation | |
| CN109391673A (en) | A kind of method, system and the terminal device of management update file | |
| CN107589949A (en) | The distribution of application program installation kit and installation method and corresponding intrument | |
| US20170262263A1 (en) | Process and system for the generation of an operating program in the form of a mobile application that is capable of operating on a mobile device | |
| CN104282093A (en) | Tax-control equipment collective invoicing system and method | |
| CN112650520A (en) | Ammeter upgrading method and system, intelligent ammeter and storage medium | |
| KR101086620B1 (en) | Smart office system and server for managing the sames and method for managing the sames | |
| CN111708550A (en) | Application deployment method and device, computer equipment and storage medium | |
| CN110489132B (en) | Distributed software deployment method and system in cloud computing environment | |
| CN105117329A (en) | Application automatic online system and method | |
| EP2808820A1 (en) | Method of changing password in an industrial automation and control system | |
| CN111935260A (en) | Account synchronization method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |