CN105915510A - Method and device for controlling service traffic - Google Patents
Method and device for controlling service traffic Download PDFInfo
- Publication number
- CN105915510A CN105915510A CN201610224756.3A CN201610224756A CN105915510A CN 105915510 A CN105915510 A CN 105915510A CN 201610224756 A CN201610224756 A CN 201610224756A CN 105915510 A CN105915510 A CN 105915510A
- Authority
- CN
- China
- Prior art keywords
- access
- identities
- terminal
- control rule
- access information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
- H04L67/5682—Policies or rules for updating, deleting or replacing the stored data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention relates to a method and a device for controlling service traffic, wherein the method and the device belong to the field of communication technology. The method comprises the steps of receiving an accessing request which is transmitted from a terminal, wherein the accessing request carries the terminal identification of the terminal and the service identification of the accessed service; generating the accessing identification of the terminal according to the terminal identification and the service identification; acquiring the control rule of the accessed service according to the service identification, and acquiring accessing information which corresponds with the accessing identification from a distributed buffer server according to the accessing identification; if the accessing information satisfies the control rule, processing the accessing request, and updating the accessing information which corresponds with the accessing identification in the distributed buffer server; and if the accessing information does not satisfy the control rule, rejecting to process the accessing request. The device comprises a receiving module, a generating module, an acquiring module, a processing module and a restricting module. According to the method and the device, controlling flexibility can be improved.
Description
Technical field
The disclosure is directed to communication technical field, especially with respect to a kind of method controlling Operational Visit amount and dress
Put.
Background technology
In internet, the business in server can be conducted interviews by user by terminal, such as, robs excellent
Favour certificate activity is exactly a kind of business in server, and it is movable that user can rob reward voucher by terminal-joined;Again
As, ballot system is also a kind of business in server, and user can be carried out by terminal in ballot system
Ballot.
It is currently, there are some malicious users, in order to obtain number one, the business in server can be carried out
A large amount of access, these access in a large number and server not only cause attack, but also add the burden of server.
Disclosure
In order to overcome the problem of correlation technique, present disclose provides a kind of method controlling Operational Visit amount and dress
Put.
On the one hand, present disclose provides one according to the first aspect of disclosure embodiment, it is provided that a kind of control industry
The method of business visit capacity, including:
Receiving the access request that terminal sends, described access request carries terminal iidentification and the access of described terminal
The service identification of business;
According to described terminal iidentification and described service identification, generate the access identities of described terminal;
According to described service identification, obtain the control rule of described access service, and, according to described access
Mark, obtains the access information that described access identities is corresponding from distributed cache server;
If described access information meets described control rule, process described access request, and update described point
The access information that access identities described in cloth caching server is corresponding;
If described access information is unsatisfactory for the described rule that controls, the refusal described access request of process.
Optionally, described access information includes that expired time and access times, described control rule are used for indicating
The maximum access times of described terminal access business were allowed before described expired time arrives;Described method is also
Including:
If described expired time does not arrives and described access times are not above described maximum access times, really
Fixed described access information meets described control rule;
If described expired time has arrived or described access times exceed described maximum access times, determine
Described access information is unsatisfactory for described control rule.
Optionally, described method also includes:
If it is corresponding with described access identities to there is not described access identities in described distributed cache server
Access information, processes described access request.
Optionally, after the described access request of described process, also include:
Initial access number of times is set, and according to the current time restriction duration corresponding with described service identification, if
Put expired time;
Described initial access number of times and described expired time are formed the access information of described access identities, and will
The corresponding relation of described access identities and described access information stores in described distributed cache server.
Optionally, described method also includes:
When the expired time that described access information includes arrives, by described access identities and described access information
Corresponding relation delete from described distributed cache server.
Optionally, described according to described service identification, the control obtaining described access service is regular, including:
According to described service identification, from the corresponding relation of service identification and control rule, obtain described access industry
The control rule of business;
Described according to described access identities, from distributed cache server, obtain described access identities corresponding
Access information, including:
According to described access identities, the access identities of storage and the information of access from distributed cache server
Corresponding relation obtains the access information that described access identities is corresponding.
On the other hand, present disclose provides one according to the second aspect of disclosure embodiment, it is provided that a kind of control
The device of Operational Visit amount, including:
Receiver module, for receiving the access request that terminal sends, described access request carries described terminal
Terminal iidentification and the service identification of access service;
Generation module, for according to described terminal iidentification and described service identification, generates the access of described terminal
Mark;
Acquisition module, for according to described service identification, obtains the control rule of described access service, and,
According to described access identities, from distributed cache server, obtain the access information that described access identities is corresponding;
Processing module, for when described access information meets described control rule, processing described access request,
And update the access information that access identities described in described distributed cache server is corresponding;
Limiting module, for when described access information is unsatisfactory for described control rule, refusal processes described visit
Ask request.
Optionally, described access information includes that expired time and access times, described control rule are used for indicating
The maximum access times of described terminal access business were allowed before described expired time arrives;Described device is also
Including:
First determines module, for not arriving and described access times are not above described in described expired time
During maximum access times, determine that described access information meets described control rule;
Second determines module, for described expired time arrived or described access times exceed described in
During big access times, determine that described access information is unsatisfactory for described control rule.
Optionally, described processing module, it is additionally operable to not exist described visit in described distributed cache server
When asking corresponding with the described access identities access information of mark, process described access request.
Optionally, described device also includes:
Module is set, is used for arranging initial access number of times, and corresponding with described service identification according to current time
Restriction duration, expired time is set;
Comprising modules, for forming described access identities by described initial access number of times and described expired time
Access information;
Memory module, for storing described point by the corresponding relation of described access identities and described access information
In cloth caching server.
Optionally, described device also includes:
Removing module, for when the expired time that described access information includes arrives, by described access identities
Delete from described distributed cache server with the corresponding relation of described access information.
Optionally, described acquisition module, including:
First acquiring unit, for according to described service identification, from service identification and the corresponding pass of control rule
System obtains the control rule of described access service;
Second acquisition unit, for according to described access identities, the visit stored from distributed cache server
Ask to identify and obtain, in the corresponding relation of the information of access, the access information that described access identities is corresponding.
On the other hand, present disclose provides one according to the third aspect of disclosure embodiment, it is provided that a kind of control
The device of Operational Visit amount, including:
Processor;
For storing the memory of processor executable;
Wherein, described processor is configured to:
Receiving the access request that terminal sends, described access request carries terminal iidentification and the access of described terminal
The service identification of business;
According to described terminal iidentification and described service identification, generate the access identities of described terminal;
According to described service identification, obtain the control rule of described access service, and, according to described access
Mark, obtains the access information that described access identities is corresponding from distributed cache server;
If described access information meets described control rule, process described access request, and update described point
The access information that access identities described in cloth caching server is corresponding;
If described access information is unsatisfactory for the described rule that controls, the refusal described access request of process.
Some beneficial effects of the disclosure may include that and receive the access request that terminal sends, this access request
The terminal iidentification of carried terminal and the service identification of access service;According to this terminal iidentification and this service identification,
Generate the access identities of terminal;According to this service identification, obtain the control rule of access service, and, root
According to this access identities, from distributed cache server, obtain the access information that this access identities is corresponding;If
This access information meets control rule, processes access request, and updates access mark in distributed cache server
Know corresponding access information;If this access information is unsatisfactory for controlling rule, refusal processes this access request.
According to controlling regular with access information, the access request of terminal being controlled, such that it is able to improve in the disclosure
The flexibility controlled.
Accompanying drawing explanation
Accompanying drawing described herein is used for providing further understanding of the disclosure, constitutes the part of the application,
It is not intended that restriction of this disclosure.In the accompanying drawings:
Fig. 1 is the flow chart according to a kind of method controlling Operational Visit amount shown in an exemplary embodiment;
Fig. 2 is the flow chart according to a kind of method controlling Operational Visit amount shown in an exemplary embodiment;
Fig. 3-1 is the block diagram according to a kind of device controlling Operational Visit amount shown in an exemplary embodiment;
Fig. 3-2 is the block diagram according to the another kind of device controlling Operational Visit amount shown in an exemplary embodiment;
Fig. 3-3 is the block diagram according to the another kind of device controlling Operational Visit amount shown in an exemplary embodiment;
Fig. 3-4 is the block diagram according to the another kind of device controlling Operational Visit amount shown in an exemplary embodiment;
Fig. 3-5 is the block diagram of the device according to a kind of acquisition module shown in an exemplary embodiment;
Fig. 4 is the block diagram (general structure of server) according to a kind of device shown in an exemplary embodiment.
Detailed description of the invention
For making the purpose of the disclosure, technical scheme and advantage clearer, below in conjunction with embodiment
And accompanying drawing, the disclosure is described in further details.Here, the exemplary embodiment of the disclosure and saying
Bright for explaining the disclosure, but it is not intended as restriction of this disclosure.
Fig. 1 is the flow chart according to a kind of method controlling Operational Visit amount shown in an exemplary embodiment,
As it is shown in figure 1, the method controlling Operational Visit amount is used in server, comprise the following steps.
In this step S101, receive the access request that terminal sends, the terminal of this access request carried terminal
Mark and the service identification of access service;
In this step S102, according to this terminal iidentification and this service identification, generate the access identities of terminal;
In this step S103, according to this service identification, obtain the control rule of access service, and, root
According to this access identities, from distributed cache server, obtain the access information that this access identities is corresponding;
In this step S104, if this access information meets controls rule, process this access request, and more
The access information that in new distributing formula caching server, this access identities is corresponding;
In this step S105, if this access information is unsatisfactory for controlling rule, refusal processes this access request.
Receive the access request that terminal sends, the terminal iidentification of this access request carried terminal and access service
Service identification;According to this terminal iidentification and this service identification, generate the access identities of terminal;According to this business
Mark, obtains the control rule of access service, and, according to this access identities, from distributed caching service
Device obtains the access information that this access identities is corresponding;If this access information meets controls rule, process and visit
Ask request, and update the access information that access identities in distributed cache server is corresponding;If this access is believed
Breath is unsatisfactory for controlling rule, and refusal processes this access request.According to controlling rule and the information of access in the disclosure
The access request of terminal is controlled, such that it is able to improve the flexibility controlled.
The disclosure one exemplary embodiment provides a kind of method controlling Operational Visit amount, and the method can be used
In server, server can be previously provided with the application program for controlling Operational Visit amount.Service
Device can include processor, and processor may be used for receiving the access request that terminal sends, and this access request is taken
The terminal iidentification of tape terminal and the service identification of access service;According to this terminal iidentification and this service identification, raw
Become the access identities of terminal;According to this service identification, obtain the control rule of this access service, and, root
According to this access identities, from distributed cache server, obtain the access information that this access identities is corresponding;If
This access information meets control rule, processes this access request, and updates access in distributed cache server
The access information that mark is corresponding;If this access information is unsatisfactory for controlling rule, refusal processes this access request;
Server can also include that memory, memory may be used for storage service mark and control the corresponding pass of rule
The data produced in system, and access identities and the corresponding relation of access information, and above-mentioned processing procedure.
It addition, server can also include the parts such as power supply.
Fig. 2 is the flow chart according to a kind of method controlling Operational Visit amount shown in an exemplary embodiment,
As in figure 2 it is shown, the method controlling Operational Visit amount is used in server, comprise the following steps.
In step s 201, the access request that terminal sends, the terminal mark of this access request carried terminal are received
Know and the service identification of access service.
Having one or more access service in server, this access service can be to rob reward voucher activity, ballot
System etc..When user wants to conduct interviews certain access service in server, user by terminal to
Server sends the business mark of access request, the terminal iidentification of this access request carried terminal and this access service
Know.
Terminal iidentification can be IP (Internet Protocol, the interconnection between network of ID and/or terminal
Agreement) address;Service identification can be the Business Name of access service, or the URL (Uniform of business
Resoure Locator, uniform resource locator) address etc..
Such as, access service is movable for robbing reward voucher, and service identification is the URL address of business, terminal iidentification
IP address for terminal;Then this step can be:
Server receive terminal send access request, the IP address of this access request carried terminal and rob preferential
The URL address of certificate.
Optionally, if only having a kind of access service in server, this access request can not carry access industry
The service identification of business, namely the terminal iidentification of this access request only carried terminal.
In step S202, according to this terminal iidentification and this service identification, generate the access identities of terminal.
Using the combination of this terminal iidentification and this service identification as the access identities of terminal;Or, obtain and preset
Marking algorithm, according to this terminal iidentification and this service identification, by default marking algorithm, the visit of computing terminal
Ask mark.
Such as, default marking algorithm can be hash algorithm or MD5 (Message-Digest Algorithm 5,
Message-Digest Algorithm 5) algorithm.
Such as, default marking algorithm is hash algorithm, the most in this step, by this terminal iidentification and this business
Mark is combined, and by hash algorithm, calculates the cryptographic Hash access identities as terminal of this combination.
Optionally, if server only has a kind of access service, the most in this step, can directly will be somebody's turn to do
Terminal iidentification is as the access identities of terminal;Can also be according to this terminal iidentification, by default marking algorithm,
The access identities of computing terminal.
In step S203, according to this service identification, obtain the control rule of this access service, and determine point
Whether cloth caching server exists the access information that this access identities is corresponding with this access identities, if deposited
, perform step S204;If it does not, perform step S206.
Server, in order to control Operational Visit amount, can arrange a control for each access service in server
Rule, controls rule and is used for indicating the maximum access allowing terminal access business before expired time arrives secondary
Number, then server storage service mark and the corresponding relation of control rule, accordingly, according to service identification,
The step controlling rule obtaining this access service can be:
According to this service identification, from the corresponding relation of service identification and control rule, obtain this access service
Control rule.
Optionally, when terminal accesses this access service in server for the first time, server arranges initial access
Number of times, initial access number of times can be 1;According to the restriction duration that current time is corresponding with this service identification, if
Put expired time;This initial access number of times and this expired time are formed the access information of this access identities, and
The corresponding relation of this access identities He this access information is stored in distributed cache server.
Optionally, if this access service need not arrange expired time, the most in this step, can be direct
Using this initial access number of times as the access information of this access identities.
Server is that each access service arranges a restriction duration, such as, robs reward voucher activity and allows user
Within one day, rush to purchase three times, then limiting duration can be 24 hours.Server storage service identifies and limits duration
Corresponding relation, then according to the restriction duration that current time is corresponding with this service identification, arrange the step of expired time
Suddenly can be:
According to this service identification, from the corresponding relation of service identification and restriction duration, obtain this service identification pair
The restriction duration answered;Determine with current time as initial time, in initial time after limiting duration
Time point, is defined as expired time by this time point.
Such as, during restriction a length of 24 hours, then current time is 2015-12-5,10:00ap, time the most expired
Between be 2015-12-6,10:00ap.
In this step, determine and whether distributed cache server exists this access identities and this access identities
Corresponding access information, if it is corresponding with this access identities to there is this access identities in distributed cache server
Access information, accessed this access service before determining terminal, performed step S204;If it is distributed
Caching server does not exist the access information that this access identities is corresponding with this access identities, before determining terminal
Have not visited this access service, namely terminal is to access this access service in server for the first time, generates and visits
Ask information, the corresponding relation of this access identities He this access information stored in distributed cache server,
Then step S206 is performed.
It should be noted that the corresponding relation of access identities and the information of access is stored distributed caching service
In device, extensibility is strong, and performance is the best.
Optionally, if the maximum access times of this access service are 1, then terminal accesses in server for the first time
This access service time, this access identities is stored in distributed cache server by server;Accordingly,
This step can be:
According to this service identification, obtain the control rule of this access service;And determine distributed cache server
In whether there is this access identities, if distributed cache server exists this access identities, determine terminal
The most having accessed this access service, direct refusal processes this access request;If distributed cache server
In do not exist, process this access request.
Optionally, if server only has a kind of access service, server can not storage service mark and
Control the corresponding relation of rule, namely the control directly storing this access service in server is regular, accordingly,
This step can be:
Obtain the control rule stored, and determine whether distributed cache server exists this access identities
The access information corresponding with this access identities, if it does, perform step S204;If it does not, perform
Step S206.
In step S204, if distributed cache server exists this access identities and this access identities pair
The access information answered, according to this access identities, obtains this access identities corresponding from distributed cache server
Access information.
According to this access identities, the access identities stored from distributed cache server is right with the information of access
Should be related to the access information that this access identities of middle acquisition is corresponding, this access information includes expired time and accesses secondary
Number.
Such as, according to this access identities, from distributed cache server, the visit that this access identities is corresponding is obtained
The information of asking includes expired time: 2015-12-6,10:00ap, and access times are 2.
In step S205, according to this access information and this control rule, determine whether this access information meets
This control rule, if it is satisfied, perform step S206;If be unsatisfactory for, perform step S207.
This access information includes expired time and access times, and this control rule is for indicating in this expired time
The maximum access times of terminal access business are allowed before arrival;Then this step can be:
Determine whether this expired time arrives, and, determine whether these access times exceed this maximum and access secondary
Number;If this expired time does not arrives and these access times are not above this maximum access times, determine this visit
The information of asking meets this control rule;If this expired time has arrived or these access times exceed this maximum and visit
Ask number of times, determine that this access information is unsatisfactory for this control rule.
Such as, current time is 2015-12-6,08:00ap, and server prescribed terminal can rob three in one day
Secondary reward voucher, then maximum access times are 3;Then this step can be:
Determine this expired time: whether 2015-12-6,10:00ap arrive, and determine this access times: 2
Whether more than these maximum access times: 3;Do not arrive due to this expired time and these access times are not above this
Maximum access times, determine that this access information meets this control rule, perform step S206.
In step S206, if this access information meets in this control rule or distributed cache server
There is not the access information that this access identities is corresponding with this access identities, process this access request, and renewal point
The access information that in cloth caching server, this access identities is corresponding, performs step S208.
If this access information meets this control rule, update this access identities pair in distributed cache server
The step of the access information answered can be:
If this access information meets this control rule, by corresponding for this access identities in distributed cache server
The access times that include of access information add one.
If distributed cache server does not exist the access letter that this access identities is corresponding with this access identities
Breath, updating the step of the access information that this access identities is corresponding in distributed cache server can be:
If distributed cache server does not exist the access letter that this access identities is corresponding with this access identities
Breath, arranges initial access number of times, and according to the current time restriction duration corresponding with this service identification, setting
Expired time;This initial access number of times and this expired time are formed the access information of this access identities, and will
The corresponding relation of this access identities and this access information stores in distributed cache server.
In step S207, if this access information is unsatisfactory for this control rule, refusal processes this access request.
Optionally, send information to terminal, this information be used for pointing out user in limiting duration
Reach maximum access times.This information can also include expired time.
Optionally, if this access information does not include expired time, after execution of step S207, terminate;
If this access information includes expired time, after execution of step S207, perform step S208.
In step S208, when expired time that this access information includes arrives, by this access identities and should
The corresponding relation of access information is deleted from distributed cache server.
Receive the access request that terminal sends, the terminal iidentification of this access request carried terminal and access service
Service identification;According to this terminal iidentification and this service identification, generate the access identities of terminal;According to this business
Mark, obtains the control rule of access service, and, according to this access identities, from distributed caching service
Device obtains the access information that this access identities is corresponding;If this access information meets controls rule, process and visit
Ask request, and update the access information that access identities in distributed cache server is corresponding;If this access is believed
Breath is unsatisfactory for controlling rule, and refusal processes this access request.According to controlling rule and the information of access in the disclosure
The access request of terminal is controlled, such that it is able to improve the flexibility controlled.
Fig. 3-1 is according to a kind of device schematic diagram controlling Operational Visit amount shown in an exemplary embodiment.Ginseng
Seeing Fig. 3-1, this device includes:
Receiver module 301, for receiving the access request that terminal sends, the terminal of this access request carried terminal
Mark and the service identification of access service;
Generation module 302, for according to this terminal iidentification and this service identification, generating the access identities of terminal;
Acquisition module 303, for according to this service identification, obtains the control rule of this access service, and,
According to this access identities, from distributed cache server, obtain the access information that this access identities is corresponding;
Processing module 304, for when this access information meets this control rule, processes this access request, and
Update the access information that in distributed cache server, this access identities is corresponding;
Limiting module 305, for when this access information is unsatisfactory for this control rule, refusal processes this access please
Ask.
Optionally, seeing Fig. 3-2, this access information includes expired time and access times, and this control rule is used
Before expired time arrives, the maximum access times of terminal access business are allowed in instruction;This device also includes:
First determines module 306, for not arriving and these access times are not above maximum access in expired time
During number of times, determine that this access information meets and control rule;
Second determines module 307, for having arrived or these access times exceed maximum access time in expired time
During number, determine that this access information is unsatisfactory for controlling rule.
Optionally, processing module 304, be additionally operable in distributed cache server not exist this access identities and
During access information corresponding to this access identities, process this access request.
Optionally, seeing Fig. 3-3, this device also includes:
Module 308 is set, is used for arranging initial access number of times, and corresponding with this service identification according to current time
Restriction duration, expired time is set;
Comprising modules 309, for by this initial access number of times and the access letter of this expired time composition access identities
Breath;
Memory module 310, distributed slow for the corresponding relation of this access identities He this access information is stored
Deposit in server.
Optionally, seeing Fig. 3-4, this device also includes:
Removing module 311, for when expired time that this access information includes arrives, by this access identities and
The corresponding relation of this access information is deleted from distributed cache server.
Optionally, see Fig. 3-5, acquisition module 303, including:
First acquiring unit 3031, for according to this service identification, from service identification and the correspondence of control rule
Relation obtains the control rule of this access service;
Second acquisition unit 3032, for according to this access identities, storing from distributed cache server
Access identities obtains, in the corresponding relation of the information of access, the access information that this access identities is corresponding.
Embodiment of the disclosure that the technical scheme of offer can include following beneficial effect: receive what terminal sent
Access request, the terminal iidentification of this access request carried terminal and the service identification of access service;According to this eventually
End mark and this service identification, generate the access identities of terminal;According to this service identification, obtain access service
Control rule, and, according to this access identities, from distributed cache server, obtain this access identities
Corresponding access information;If this access information meets controls rule, process access request, and more new distributing
The access information that in formula caching server, access identities is corresponding;If this access information is unsatisfactory for controlling rule,
Refusal processes this access request.The access request of terminal is entered by the disclosure according to control rule and access information
Row controls, such that it is able to improve the flexibility controlled.
Fig. 4 is according to a kind of device 400 for controlling Operational Visit amount shown in an exemplary embodiment
Block diagram.Such as, device 400 may be provided in a server.With reference to Fig. 4, device 400 includes process group
Part 422, it farther includes one or more processor, and is provided by the memory representated by memory 432
Source, can be by the instruction of the execution processing assembly 422, such as application program for storage.In memory 432
Storage application program can include one or more each corresponding to one group instruction module.This
Outward, process assembly 422 to be configured to perform instruction, to perform said method.
Device 400 can also include that a power supply module 426 is configured to perform the power management of device 400,
One wired or wireless network interface 450 is configured to be connected to device 400 network, and an input is defeated
Go out (I/O) interface 458.Device 400 can operate based on the operating system being stored in memory 432, example
Such as Windows ServerTM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM or similar.
Embodiment of the disclosure that the technical scheme of offer can include following beneficial effect: receive what terminal sent
Access request, the terminal iidentification of this access request carried terminal and the service identification of access service;According to this eventually
End mark and this service identification, generate the access identities of terminal;According to this service identification, obtain access service
Control rule, and, according to this access identities, from distributed cache server, obtain this access identities
Corresponding access information;If this access information meets controls rule, process access request, and more new distributing
The access information that in formula caching server, access identities is corresponding;If this access information is unsatisfactory for controlling rule,
Refusal processes this access request.The access request of terminal is entered by the disclosure according to control rule and access information
Row controls, such that it is able to improve the flexibility controlled.
Those skilled in the art, after considering specification and putting into practice disclosure disclosed herein, will readily occur to these public affairs
Other embodiment opened.The application is intended to any modification, purposes or the adaptations of the disclosure,
These modification, purposes or adaptations are followed the general principle of the disclosure and include that the disclosure is not disclosed
Common knowledge in the art or conventional techniques means.Description and embodiments is considered only as exemplary
, the true scope of the disclosure and spirit are pointed out by claim below.
It should be appreciated that the disclosure is not limited to accurate knot described above and illustrated in the accompanying drawings
Structure, and various modifications and changes can carried out without departing from the scope.The scope of the present disclosure is only by appended
Claim limits.
Claims (13)
1. the method controlling Operational Visit amount, it is characterised in that described method includes:
Receiving the access request that terminal sends, described access request carries terminal iidentification and the access of described terminal
The service identification of business;
According to described terminal iidentification and described service identification, generate the access identities of described terminal;
According to described service identification, obtain the control rule of described access service, and, according to described access
Mark, obtains the access information that described access identities is corresponding from distributed cache server;
If described access information meets described control rule, process described access request, and update described point
The access information that access identities described in cloth caching server is corresponding;
If described access information is unsatisfactory for the described rule that controls, the refusal described access request of process.
Method the most according to claim 1, it is characterised in that described access information includes expired time
And access times, described control rule allowed described terminal to visit for instruction before described expired time arrives
Ask the maximum access times of business;Described method also includes:
If described expired time does not arrives and described access times are not above described maximum access times, really
Fixed described access information meets described control rule;
If described expired time has arrived or described access times exceed described maximum access times, determine
Described access information is unsatisfactory for described control rule.
Method the most according to claim 1, it is characterised in that described method also includes:
If it is corresponding with described access identities to there is not described access identities in described distributed cache server
Access information, processes described access request.
Method the most according to claim 3, it is characterised in that after the described access request of described process,
Also include:
Initial access number of times is set, and according to the current time restriction duration corresponding with described service identification, if
Put expired time;
Described initial access number of times and described expired time are formed the access information of described access identities, and will
The corresponding relation of described access identities and described access information stores in described distributed cache server.
5. according to the method described in Claims 1-4 any one claim, it is characterised in that described side
Method also includes:
When the expired time that described access information includes arrives, by described access identities and described access information
Corresponding relation delete from described distributed cache server.
Method the most according to claim 1, it is characterised in that described according to described service identification, obtains
Take the control rule of described access service, including:
According to described service identification, from the corresponding relation of service identification and control rule, obtain described access industry
The control rule of business;
Described according to described access identities, from distributed cache server, obtain described access identities corresponding
Access information, including:
According to described access identities, the access identities of storage and the information of access from distributed cache server
Corresponding relation obtains the access information that described access identities is corresponding.
7. the device controlling Operational Visit amount, it is characterised in that described device includes:
Receiver module, for receiving the access request that terminal sends, described access request carries described terminal
Terminal iidentification and the service identification of access service;
Generation module, for according to described terminal iidentification and described service identification, generates the access of described terminal
Mark;
Acquisition module, for according to described service identification, obtains the control rule of described access service, and,
According to described access identities, from distributed cache server, obtain the access information that described access identities is corresponding;
Processing module, for when described access information meets described control rule, processing described access request,
And update the access information that access identities described in described distributed cache server is corresponding;
Limiting module, for when described access information is unsatisfactory for described control rule, refusal processes described visit
Ask request.
Device the most according to claim 7, it is characterised in that described access information includes expired time
And access times, described control rule allowed described terminal to visit for instruction before described expired time arrives
Ask the maximum access times of business;Described device also includes:
First determines module, for not arriving and described access times are not above described in described expired time
During maximum access times, determine that described access information meets described control rule;
Second determines module, for described expired time arrived or described access times exceed described in
During big access times, determine that described access information is unsatisfactory for described control rule.
Device the most according to claim 7, it is characterised in that described processing module, is additionally operable in institute
State and distributed cache server does not exist the access information that described access identities is corresponding with described access identities
Time, process described access request.
Device the most according to claim 9, it is characterised in that described device also includes:
Module is set, is used for arranging initial access number of times, and corresponding with described service identification according to current time
Restriction duration, expired time is set;
Comprising modules, for forming described access identities by described initial access number of times and described expired time
Access information;
Memory module, for storing described point by the corresponding relation of described access identities and described access information
In cloth caching server.
11. according to the device described in claim 7 to 10 any one claim, it is characterised in that described
Device also includes:
Removing module, for when the expired time that described access information includes arrives, by described access identities
Delete from described distributed cache server with the corresponding relation of described access information.
12. devices according to claim 7, it is characterised in that described acquisition module, including:
First acquiring unit, for according to described service identification, from service identification and the corresponding pass of control rule
System obtains the control rule of described access service;
Second acquisition unit, for according to described access identities, the visit stored from distributed cache server
Ask to identify and obtain, in the corresponding relation of the information of access, the access information that described access identities is corresponding.
13. 1 kinds of devices controlling Operational Visit amount, it is characterised in that described device includes:
Processor;
For storing the memory of processor executable;
Wherein, described processor is configured to:
Receiving the access request that terminal sends, described access request carries terminal iidentification and the access of described terminal
The service identification of business;
According to described terminal iidentification and described service identification, generate the access identities of described terminal;
According to described service identification, obtain the control rule of described access service, and, according to described access
Mark, obtains the access information that described access identities is corresponding from distributed cache server;
If described access information meets described control rule, process described access request, and update described point
The access information that access identities described in cloth caching server is corresponding;
If described access information is unsatisfactory for the described rule that controls, the refusal described access request of process.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610224756.3A CN105915510A (en) | 2016-04-12 | 2016-04-12 | Method and device for controlling service traffic |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610224756.3A CN105915510A (en) | 2016-04-12 | 2016-04-12 | Method and device for controlling service traffic |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105915510A true CN105915510A (en) | 2016-08-31 |
Family
ID=56745924
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610224756.3A Pending CN105915510A (en) | 2016-04-12 | 2016-04-12 | Method and device for controlling service traffic |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105915510A (en) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106375472A (en) * | 2016-09-29 | 2017-02-01 | 北京三快在线科技有限公司 | Access request processing method and apparatus, and server |
CN106598881A (en) * | 2016-12-20 | 2017-04-26 | 北京小米移动软件有限公司 | Page processing method and device |
CN106656959A (en) * | 2016-09-28 | 2017-05-10 | 腾讯科技(深圳)有限公司 | Access request regulation and control method and device |
WO2018049963A1 (en) * | 2016-09-14 | 2018-03-22 | 北京佰才邦技术有限公司 | Resource download method and buffer apparatus |
CN107948314A (en) * | 2017-12-21 | 2018-04-20 | 泰康保险集团股份有限公司 | Method for processing business, device and the server of rule-based file |
CN108259363A (en) * | 2016-12-29 | 2018-07-06 | 中国移动通信集团公司 | A kind of method and device of staged service traffics control |
CN108647240A (en) * | 2018-04-04 | 2018-10-12 | 沈文策 | A kind of method, apparatus, electronic equipment and the storage medium of statistics visit capacity |
CN108834130A (en) * | 2018-05-31 | 2018-11-16 | 深圳市宏电技术股份有限公司 | Mark distributing method, device, terminal and computer readable storage medium |
CN109299049A (en) * | 2018-10-11 | 2019-02-01 | 郑州云海信息技术有限公司 | A kind of processing method and processing device of file access request |
CN109756528A (en) * | 2017-11-01 | 2019-05-14 | 广州腾讯科技有限公司 | Control method for frequency and device, equipment, storage medium, server |
CN109889508A (en) * | 2019-01-25 | 2019-06-14 | 北京融链科技有限公司 | A kind of right management method and device |
CN109981553A (en) * | 2017-12-28 | 2019-07-05 | 北京京东尚科信息技术有限公司 | Access control method and its system, computer system and readable storage medium storing program for executing |
CN110120941A (en) * | 2019-04-16 | 2019-08-13 | 石化盈科信息技术有限责任公司 | A kind of single-point logging method based on cloud service |
CN110677494A (en) * | 2019-10-14 | 2020-01-10 | 腾讯科技(深圳)有限公司 | Access response method and device |
CN111770126A (en) * | 2019-06-28 | 2020-10-13 | 北京京东尚科信息技术有限公司 | Service request processing method, device and storage medium |
CN112839008A (en) * | 2019-11-22 | 2021-05-25 | 北京沃东天骏信息技术有限公司 | Access monitoring method, device and system |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102137111A (en) * | 2011-04-20 | 2011-07-27 | 北京蓝汛通信技术有限责任公司 | Method and device for preventing CC (Challenge Collapsar) attack and content delivery network server |
CN104125313A (en) * | 2014-07-11 | 2014-10-29 | 广州华多网络科技有限公司 | Network voting method and device |
CN104394128A (en) * | 2014-11-10 | 2015-03-04 | 安磊 | A control method for a terminal to access a server |
CN104978335A (en) * | 2014-04-04 | 2015-10-14 | 阿里巴巴集团控股有限公司 | Data access control method and data access control device |
US9197639B2 (en) * | 2011-12-07 | 2015-11-24 | Modacom Co., Ltd. | Method for sharing data of device in M2M communication and system therefor |
CN105282047A (en) * | 2015-09-25 | 2016-01-27 | 小米科技有限责任公司 | Access request processing method and device |
-
2016
- 2016-04-12 CN CN201610224756.3A patent/CN105915510A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102137111A (en) * | 2011-04-20 | 2011-07-27 | 北京蓝汛通信技术有限责任公司 | Method and device for preventing CC (Challenge Collapsar) attack and content delivery network server |
US9197639B2 (en) * | 2011-12-07 | 2015-11-24 | Modacom Co., Ltd. | Method for sharing data of device in M2M communication and system therefor |
CN104978335A (en) * | 2014-04-04 | 2015-10-14 | 阿里巴巴集团控股有限公司 | Data access control method and data access control device |
CN104125313A (en) * | 2014-07-11 | 2014-10-29 | 广州华多网络科技有限公司 | Network voting method and device |
CN104394128A (en) * | 2014-11-10 | 2015-03-04 | 安磊 | A control method for a terminal to access a server |
CN105282047A (en) * | 2015-09-25 | 2016-01-27 | 小米科技有限责任公司 | Access request processing method and device |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018049963A1 (en) * | 2016-09-14 | 2018-03-22 | 北京佰才邦技术有限公司 | Resource download method and buffer apparatus |
CN106656959B (en) * | 2016-09-28 | 2020-07-28 | 腾讯科技(深圳)有限公司 | Access request regulation and control method and device |
CN106656959A (en) * | 2016-09-28 | 2017-05-10 | 腾讯科技(深圳)有限公司 | Access request regulation and control method and device |
CN106375472A (en) * | 2016-09-29 | 2017-02-01 | 北京三快在线科技有限公司 | Access request processing method and apparatus, and server |
CN106598881A (en) * | 2016-12-20 | 2017-04-26 | 北京小米移动软件有限公司 | Page processing method and device |
CN108259363A (en) * | 2016-12-29 | 2018-07-06 | 中国移动通信集团公司 | A kind of method and device of staged service traffics control |
CN109756528B (en) * | 2017-11-01 | 2022-03-11 | 广州腾讯科技有限公司 | Frequency control method and device, equipment, storage medium and server |
CN109756528A (en) * | 2017-11-01 | 2019-05-14 | 广州腾讯科技有限公司 | Control method for frequency and device, equipment, storage medium, server |
CN107948314A (en) * | 2017-12-21 | 2018-04-20 | 泰康保险集团股份有限公司 | Method for processing business, device and the server of rule-based file |
CN107948314B (en) * | 2017-12-21 | 2021-07-06 | 泰康保险集团股份有限公司 | Business processing method and device based on rule file and server |
CN109981553B (en) * | 2017-12-28 | 2021-12-31 | 北京京东尚科信息技术有限公司 | Access control method, system thereof, computer system, and readable storage medium |
CN109981553A (en) * | 2017-12-28 | 2019-07-05 | 北京京东尚科信息技术有限公司 | Access control method and its system, computer system and readable storage medium storing program for executing |
CN108647240A (en) * | 2018-04-04 | 2018-10-12 | 沈文策 | A kind of method, apparatus, electronic equipment and the storage medium of statistics visit capacity |
CN108647240B (en) * | 2018-04-04 | 2022-04-12 | 沈文策 | Method and device for counting access amount, electronic equipment and storage medium |
CN108834130A (en) * | 2018-05-31 | 2018-11-16 | 深圳市宏电技术股份有限公司 | Mark distributing method, device, terminal and computer readable storage medium |
CN108834130B (en) * | 2018-05-31 | 2022-09-02 | 深圳市宏电技术股份有限公司 | Identification distribution method, device, terminal and computer readable storage medium |
CN109299049A (en) * | 2018-10-11 | 2019-02-01 | 郑州云海信息技术有限公司 | A kind of processing method and processing device of file access request |
CN109299049B (en) * | 2018-10-11 | 2022-03-22 | 郑州云海信息技术有限公司 | Method and device for processing file access request |
CN109889508A (en) * | 2019-01-25 | 2019-06-14 | 北京融链科技有限公司 | A kind of right management method and device |
CN110120941A (en) * | 2019-04-16 | 2019-08-13 | 石化盈科信息技术有限责任公司 | A kind of single-point logging method based on cloud service |
CN111770126A (en) * | 2019-06-28 | 2020-10-13 | 北京京东尚科信息技术有限公司 | Service request processing method, device and storage medium |
CN111770126B (en) * | 2019-06-28 | 2023-08-04 | 北京京东尚科信息技术有限公司 | Service request processing method, device and storage medium |
CN110677494B (en) * | 2019-10-14 | 2021-06-01 | 腾讯科技(深圳)有限公司 | Access response method and device |
CN110677494A (en) * | 2019-10-14 | 2020-01-10 | 腾讯科技(深圳)有限公司 | Access response method and device |
CN112839008A (en) * | 2019-11-22 | 2021-05-25 | 北京沃东天骏信息技术有限公司 | Access monitoring method, device and system |
CN112839008B (en) * | 2019-11-22 | 2024-02-06 | 北京沃东天骏信息技术有限公司 | Access monitoring method, device and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105915510A (en) | Method and device for controlling service traffic | |
CN107360184B (en) | Terminal equipment authentication method and device | |
CN104333567B (en) | It is the web cachings serviced using safety | |
EP3890266A1 (en) | Verification method, apparatus, and system used for network application access | |
US20070174901A1 (en) | System and method for automatic wireless network password update | |
CN108696895A (en) | Resource acquiring method, apparatus and system | |
CN106453667B (en) | Update data cached method and device | |
CN108494755B (en) | Method and device for transmitting Application Programming Interface (API) request | |
CN104954468A (en) | Resource allocation method and resource allocation device | |
US8838725B2 (en) | Internet cache subscription for wireless mobile users | |
CN105228126B (en) | A kind of method and system of network access point trustship | |
CN106464745B (en) | Server, client and the method for data synchronization of DNS | |
CN108370379A (en) | With cunicular equipment management | |
CN108512849B (en) | Handshake method and system for accessing server | |
CN106789868A (en) | A kind of website user's Activity recognition and managing and control system | |
WO2018223964A1 (en) | Data caching control method and device | |
CN109819068A (en) | User terminal and its block chain domain name analytic method | |
CN105893607A (en) | Page data management method, device and data server | |
CN113595907A (en) | Aggregation method and device for issuing routing strategy based on SSLVPN | |
JP2023052288A (en) | Method, system, and program for relay | |
CN106603435B (en) | Distribute the method and device of port block resource | |
US20120226787A1 (en) | Optimizing use of internet protocol addresses | |
CN107277188A (en) | A kind of method, client, server and operation system for determining IP address attaching information | |
CN107992489A (en) | A kind of data processing method and server | |
CN106713456A (en) | Network bandwidth statistics method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160831 |