Summary of the invention
The invention provides a kind of analysis in computer systems, which and the method for the information that performs an action, described method comprises: receiving action information; Analyze described action message and generate analysis result information; The type of described action message is judged according to analysis result information; If the type of described action message is for arranging, then performs and action is set, release is set and returns the information of being provided with; If the type of described action message is for calculating, then performs and calculate action, calculate release and return result of calculation information; If the type of described action message is inquiry, then perform query actions, query actions terminates to return Query Result information.
Preferably, wherein, if the type of described action message is for calculating, then perform and calculate action, security strategy classification is judged further according to described analysis result, if security strategy is senior, then after calculating release after calculating release, result of calculation information is carried out buffer memory to return calculating simultaneously and complete information, and do not return result of calculation information; If security strategy is rudimentary, then, after calculating release, returns calculating and complete information and return result of calculation information simultaneously.
Preferably, wherein, if the type of described action message is inquiry, then perform query actions, query actions terminates to judge security strategy classification further according to described analysis result afterwards, if security strategy is senior: carry out security verification according to analysis result, if by checking, return Query Result information, if not by checking, return failure; If security strategy is rudimentary: return Query Result information.
Preferably, search an object information according to analysis result, perform based on described object information and action, calculating action or query actions are set.Wherein, link according to analysis result identification one, search described object information according to described link.
Preferably, the action message received is encrypted action message, and before analyzing described action message, first decipher the encrypted action message received.
Invention also provides a kind of analysis in computer systems, which and the method for the information that performs an action, described method comprises: receive the first action message; Analyze described first action message and generate the first analysis result information; Resolve the first analysis result acquisition of information computing information, and perform according to described computing information and calculate action, after calculating release, buffer memory result of calculation information also returns calculating and completes information; Receive the second action message; Analyze described second action message and generate the second analysis result information; Resolve the second analysis result acquisition of information Query Information, and perform query actions according to described Query Information, poll-final returns Query Result information.Wherein also comprised before parsing first analysis result acquisition of information computing information: resolve the first analysis result acquisition of information configuration information, and action is set according to described configuration information execution.
Preferably, wherein said Query Result information is described result of calculation information, and described in buffer memory, result of calculation information is to an impact damper, and described query actions is the described impact damper of inquiry.
Preferably, wherein, resolve the second analysis result acquisition of information Query Information, and perform query actions according to described Query Information, the second analysis result is resolved further to obtain security strategy classification information after poll-final, if security strategy classification information is senior: resolve further the second analysis result and obtain security verification information and also verify, then return Query Result information if the verification passes, if checking not by; return failure; If security strategy is rudimentary: return Query Result information.
Preferably, search an object information respectively according to the first analysis result information or the second analysis result information, perform based on described object information and action, calculating action or query actions are set.Wherein, link according to the first analysis result information or the second analysis result information identification one, search described object information according to described link.
Preferably, the first action message received or the second action message are encrypted action messages, and before analyzing described first action message or the second action message, first decipher encrypted first action message or the second action message that receive.
Embodiment
The instructions provided hereafter is to enable those skilled in the art manufacture and using the present invention, and instructions provides in the context of application-specific and demand thereof.Various amendments for disclosed embodiment are easily shown in those skilled in the art, and can be applied to other embodiments and application in the General Principle of this definition, and do not depart from the spirit and scope of the present invention.Thus, the present invention not intended to be is limited to shown embodiment, but meet the most widely scope consistent with principle disclosed herein and feature.
These technology that the present invention relates to can be implemented as independent utility, or the subroutine be embodied as in Another Application or functional module.In addition, can function be configured at client computer (such as at least partly, personal computer, laptop computer, cell phone, PDA or can other equipment of operating computer readable data) above to perform, or by network (such as, internet, Intranet, LAN, WAN, MAN or network combination or be supported in the other technologies communicated between computing system) via the computing system be associated from client computer long-distance support.Thus, buy information, software product and configuration-direct and local storage (such as, (such as, on the computing machine of accessing via network or server) can be stored on the local computer) and/or remotely.
Generally speaking, functional module comprises the routine, program, object, assembly, data structure etc. that perform particular task or realize particular abstract data type.In addition, those skilled in the art will recognize that: computer system may not be limited to conventional personal computer, and comprise other calculating configuration, this comprise handheld device, multicomputer system, based on microprocessor or programmable electronic equipment for consumption, network PC, microcomputer, mainframe computer etc.Similarly, computing equipment is not necessarily limited to independent computing equipment, because these mechanism also can realize in a distributed computing environment, and utilizes in a distributed computing environment and is executed the task by the remote processing devices of communication network links.In a distributed computing environment, functional module can be arranged in local and remote both memory storage devices.
With reference to figure 1, computer system receiving action information; Action message can come from user operation, can come from network request, or the request of inside computer system parts.After receiving action message, analyze described action message by analysis module and generate analysis result information; Described analysis result information comprises type information, security policy information, link information, object information, process information etc.; Analysis module is recorded in a record sheet after analyzing described analysis result information, so that inquiry and access.Computer system judges the type of described action message according to the analysis result information obtained after above-mentioned analysis; Such as, search the type information corresponding to record sheet determination corresponding actions information when needing.Further described type information is judged, if the type of described action message is for arranging, then performs and action is set, release is set and returns the information of being provided with; Wherein arranging action is webpage setting, page setup, window setting, application setting etc.If the type of described action message is for calculating, then performs and calculate action, calculate release and return result of calculation information; Described calculating action is flow rate calculation, power consumption calculation, calculation of capacity, computation etc.If the type of described action message is inquiry, then adjust and perform query actions, query actions terminates to return Query Result information; Wherein query actions is access queries, information inquiry, network inquiry, caching query etc.
According to one preferred embodiment of the present invention, in order to security consideration, wherein, if the type of described action message is for calculating, then performs and calculate action, after calculating release, judge security strategy classification further according to described analysis result, if security strategy is senior, then after calculating release, result of calculation information is carried out buffer memory and return calculating simultaneously and complete information, and do not return result of calculation information; If security strategy is rudimentary, then, after calculating release, return calculating and complete information and return result of calculation information simultaneously, wherein result of calculation information cache is in impact damper.Wherein, if the type of described action message is inquiry, then perform query actions, query actions terminates to judge security strategy classification further according to described analysis result afterwards, if security strategy is senior: carry out security verification according to analysis result, if by checking, return Query Result information, if not by checking, return failure; If security strategy is rudimentary: return Query Result information.
According to one preferred embodiment of the present invention, after analysis module analyzes described action message, computer system is determined an object information according to analysis result information or in record sheet, is searched an object information, and arranges action based on described object information execution, calculate action or query actions.According to another embodiment of the present invention, described computer system links according to analysis result information identification one or in record sheet, searches a link, described object information is searched according to described link, particularly, according to memory location or the document location of the address location object information of described link, and object information is searched on this memory location or document location, then perform based on found object information and action, calculating action or query actions are set.Wherein action is set for performing on described object based on described object information, calculates action or query actions.One of ordinary skill in the art will readily recognize that above-mentioned object can be various hardware resource in computer system or software resource or function or class etc.Above-mentioned process information can be various address information, function pointer, function, data message etc.Above-mentioned setting can be the various settings to window, as maximized, minimizing, close, open, create example etc., also can be to application, as opened, closing etc., also can be to webpage, as rollback, advances etc.Above-mentioned calculating can be computational resource, computing time, computing power, calculating power consumption, computation period etc.Above-mentioned inquiry can be query buffer, query webpage information, data query base resource, inquiry system resource, query text, inquiry hardware resource etc.Sometimes in order to security, the action message received is encrypted action message, and before analyzing described action message, first decipher the encrypted action message received, and described decryption oprerations can be carried out according to PKI or private key.
With reference to figure 2, computer system receives the first action message; First action message can come from user operation, can come from network request, or the request of inside computer system parts.After receiving the first action message, analyze described first action message by analysis module and generate the first analysis result information; First analysis result information comprises type information, security policy information, link information, object information, process information etc.; Analysis module is recorded in a record sheet after analyzing described first analysis result information, so that inquiry and access; Resolve the first analysis result acquisition of information computing information, and perform calculating action according to described computing information, calculate after release, buffer memory result of calculation information also returns calculating and completes information, and described calculating action is flow rate calculation, power consumption calculation, calculation of capacity, computation etc.; Receive the second action message, the second action message can come from user operation, can come from network request, or the request of inside computer system parts; Analyze described second action message and generate the second analysis result information, the second analysis result information comprises type information, security policy information, link information, object information, process information etc.; Analysis module is recorded in described record sheet after analyzing described second analysis result information, so that inquiry and access; Resolve the second analysis result acquisition of information Query Information, and perform query actions according to described Query Information, poll-final returns Query Result information, and wherein query actions is access queries, information inquiry, network inquiry, caching query etc.Wherein said Query Result information is described result of calculation information, and described in buffer memory, result of calculation information is to an impact damper, and described query actions is the described impact damper of inquiry.Wherein also comprised before parsing first analysis result acquisition of information computing information: resolve the first analysis result acquisition of information configuration information, and action is set according to described configuration information execution, wherein arranging action is webpage setting, page setup, window setting, application setting etc.
According to one preferred embodiment of the present invention, in order to security consideration, wherein, resolve the second analysis result acquisition of information Query Information, and perform query actions according to described Query Information, the second analysis result is resolved further to obtain security strategy classification information after poll-final, if security strategy classification information is senior: resolve the second analysis result further and obtain security verification information and verify, then return Query Result information if the verification passes, if checking not by; return failure; If security strategy is rudimentary: return Query Result information.Wherein obtain security verification information to comprise, obtain user right information, digital signature information or encrypted message etc., after obtaining security verification information, this security verification Information Pull authentication module is carried out described checking, such as, authentication module inquiring and authenticating table verify whether user right information legal, verify whether digital signature matches success, verify that whether password is correct etc.Those skilled in the art can know that above-mentioned proof procedure is only exemplary illustration, and checking herein can adopt all solutions that can realize described checking.
According to one preferred embodiment of the present invention, after analysis module analyzes described first action message or the second action message, generate the first analysis result information or the second analysis result information, then, computer system is determined an object information according to the first analysis result information or the second analysis result information or in record sheet, searches an object information, and arranges action based on described object information execution, calculate action or query actions.According to another embodiment of the present invention, described computer system links according to the first analysis result information or the second analysis result information identification one, described object information is searched according to described link, particularly, according to memory location or the document location of the address location object information of described link, and object information is searched on this memory location or document location, then perform based on found object information and action, calculating action or query actions are set.Wherein action is set for performing on described object based on described object information, calculates action or query actions.One of ordinary skill in the art will readily recognize that above-mentioned object can be various hardware resource in computer system or software resource or function or class etc.Above-mentioned process information can be various address information, function pointer, function, data message etc.Above-mentioned setting can be the various settings to window, as maximized, minimizing, close, open, create example etc., also can be to application, as opened, closing etc., also can be to webpage, as rollback, advances etc.Above-mentioned calculating can be computational resource, computing time, computing power, calculating power consumption, computation period etc.Above-mentioned inquiry can be query buffer, query webpage information, data query base resource, inquiry system resource, query text, inquiry hardware resource etc.Sometimes in order to security, the first action message received and/or the second action message are encrypted action messages, and first deciphered encrypted first action message received and/or the second action message before analyzing described first action message and/or the second action message, described decryption oprerations can be carried out according to PKI or private key.It will be understood by those skilled in the art that and can equally be applied to the second action message to the process of the first action action message, similarly, equally can be applied to the second analysis result information to the process of the first analysis result information.
While the present invention allows various improvement and alternative structure, show some embodiment illustrated of the present invention in accompanying drawing and be described in detail.But, it should be appreciated that this is not attempt the present invention to be limited to the form or disclosed form of specifying, and just the opposite, the present invention covers all improvement and substitutes and various merging and combination, and all equivalents all within the spirit and scope of the present invention.