CN106357789B

CN106357789B - Information access control method, server and computer readable storage medium

Info

Publication number: CN106357789B
Application number: CN201610877186.8A
Authority: CN
Inventors: 凌飞; 赵磊
Original assignee: Tencent Technology Beijing Co Ltd
Current assignee: Tencent Technology Beijing Co Ltd
Priority date: 2016-09-30
Filing date: 2016-09-30
Publication date: 2020-01-10
Anticipated expiration: 2036-09-30
Also published as: CN106357789A

Abstract

The invention discloses an information access control method and a server, wherein the method comprises the following steps: receiving an access control strategy, wherein the access control strategy is a request response priority processing strategy generated by dividing according to the source of a request; when detecting that the current state is in an overload state, extracting characteristic parameters from at least one received first request, wherein the characteristic parameters are used for representing the source of the request or are related to the source of the request, and dividing the characteristic parameters into an information bit where the request is located and user information where the request belongs according to the source of the request; inquiring whether the characteristic parameter hits the access control strategy; if the characteristic parameters can be inquired in the access control strategy, selecting a request response priority corresponding to the characteristic parameters, and performing phased discarding processing on the at least one first request according to the request response priority; otherwise, directly performing discarding processing.

Description

Information access control method, server and computer readable storage medium

Technical Field

The present invention relates to information control technologies, and in particular, to an information access control method and a server.

Background

The information transmission is a process that one end transmits a command or status information to the other end through a channel and the command or status information is received by the other end, and most transmission modes except a point-to-point transmission mode need to be relayed or processed by a server in the internet in the information transmission process. If the server processes all requests in the same way, great pressure is brought to the server, and even if a distributed system architecture which is mostly a server cluster is adopted at present, the problem of server load pressure cannot be relieved along with the great increase of the access demand of users. At present, in order to relieve the load pressure of a server, some access requests are discarded, usually, a new access request is discarded under the condition that the server is found to be overloaded, the overload is very undesirable for a rigid processing policy of discarding all the time, if the new access request is a request which needs to be processed in time, the processing causes that the service performance and the stability of the whole information transmission system are not good, and a more flexible processing policy is needed to distinguish and access the access requests. However, in the related art, there is no effective solution to this problem.

Disclosure of Invention

In view of this, embodiments of the present invention provide an information access control method and a server, which at least solve the problems in the prior art.

The technical scheme of the embodiment of the invention is realized as follows:

an information access control method of an embodiment of the present invention includes:

receiving an access control strategy, wherein the access control strategy is a request response priority processing strategy generated by dividing according to the source of a request;

when detecting that the current state is in an overload state, extracting characteristic parameters from at least one received first request, wherein the characteristic parameters are used for representing the source of the request or are related to the source of the request, and dividing the characteristic parameters into an information bit where the request is located and user information where the request belongs according to the source of the request;

inquiring whether the characteristic parameter hits the access control strategy;

if the characteristic parameters can be inquired in the access control strategy, selecting a request response priority corresponding to the characteristic parameters, and performing phased discarding processing on the at least one first request according to the request response priority; otherwise, directly performing discarding processing.

In the above solution, the access control policy is a request response priority processing policy generated by dividing according to a source of a request, and includes:

the source of the request is identified through the information bit of the first request, the information bit of the first request is sequenced according to the first feedback value obtained by information display, and a sequencing result is generated;

and dividing the sequencing result according to the first feedback total quantity obtained by information display to obtain a staged request response priority, and obtaining the access control strategy according to the staged request response priority.

In the above scheme, the identification information carried in the first request includes an information bit where the first request is located;

and determining the information bit where the first request is located as the characteristic parameter.

the source of the request is identified through the user information to which the first request belongs, the user information to which the first request belongs is sorted according to the second feedback value obtained by information display, and a sorting result is generated;

and dividing the sequencing result according to the second feedback total quantity obtained by information display to obtain a staged request response priority, and obtaining the access control strategy according to the staged request response priority.

In the above scheme, the identification information carried in the first request includes user information to which the first request belongs;

and determining the user information to which the first request belongs as the characteristic parameter.

In the foregoing solution, if the feature parameter can be queried in the access control policy, selecting a request response priority corresponding to the feature parameter, and performing a phased discarding process on the at least one first request according to the request response priority, includes:

when the information bit of the first request is inquired from the access control strategy, if the information bit of the first request corresponds to the request response priority of the first stage in the access control strategy, the first request is discarded, and the feedback that the processing result is empty is returned to the request initiator;

if the information bit where the first request is located corresponds to the request response priority of the x-th stage in the access control strategy, and x is a positive integer greater than 1, judging according to the current overload state and the executed discarding process, when detecting that the staged discarding process sequentially executed prior to the request response priority of the x-th stage still cannot relieve the overload condition, discarding the first request matched with the request response priority of the x-th stage, and returning the feedback that the processing result is empty to the request initiator.

A server according to an embodiment of the present invention includes:

a receiving unit, configured to receive an access control policy, where the access control policy is a request response priority processing policy generated by dividing according to a source of a request;

the device comprises a detection unit, a processing unit and a processing unit, wherein the detection unit is used for extracting characteristic parameters from at least one received first request when detecting that the current state is in an overload state, the characteristic parameters are used for representing the source of the request or are related to the source of the request, and the characteristic parameters are divided into an information bit where the request is located and user information where the request belongs according to the source of the request;

the query unit is used for querying whether the characteristic parameters hit the access control strategy;

a discarding execution unit, configured to select a request response priority corresponding to the feature parameter if the feature parameter can be queried in the access control policy, and perform a phased discarding process on the at least one first request according to the request response priority; otherwise, directly performing discarding processing.

In the foregoing solution, the receiving unit is further configured to receive an access control policy, where a generation rule of the access control policy includes:

In the above solution, the server further includes: a characteristic parameter determination unit configured to:

analyzing the identification information carried in the first request as the information bit of the first request;

analyzing the identification information carried in the first request as the user information to which the first request belongs;

In the foregoing solution, the discard executing unit is further configured to:

The information access control method of the embodiment of the invention comprises the following steps: receiving an access control strategy, wherein the access control strategy is a request response priority processing strategy generated by dividing according to the source of a request; when detecting that the current state is in an overload state, extracting characteristic parameters from at least one received first request, wherein the characteristic parameters are used for representing the source of the request or are related to the source of the request, and dividing the characteristic parameters into an information bit where the request is located and user information where the request belongs according to the source of the request; inquiring whether the characteristic parameter hits the access control strategy; if the characteristic parameters can be inquired in the access control strategy, selecting a request response priority corresponding to the characteristic parameters, and performing phased discarding processing on the at least one first request according to the request response priority; otherwise, directly performing discarding processing.

By adopting the embodiment of the invention, the access requests are distinguished according to the set access control strategy, and under the condition that the server is found to be overloaded, the characteristic parameters are extracted from at least one received first request, are used for representing the source of the request or are related to the source of the request, and are divided into the information bit where the request is located and the user information where the request belongs according to the source of the request; inquiring whether the characteristic parameter hits the access control strategy; if the characteristic parameters can be inquired in the access control strategy, selecting a request response priority corresponding to the characteristic parameters, and performing phased discarding processing on the at least one first request according to the request response priority; otherwise, directly performing discarding processing. Therefore, under the condition that the server is overloaded, the discarding processing is carried out according to the association between the access request and the access control strategy, not according to the hard processing strategy that the newly added access request is discarded all at once, but according to the request response priority level stage of the access control strategy, so that the service performance and the stability of the whole information transmission system are improved.

Drawings

FIG. 1 is a diagram of hardware entities performing information interaction in an embodiment of the present invention;

FIG. 2 is a flowchart illustrating a method according to a first embodiment of the present invention;

FIG. 3 is a flowchart of a method implementation of the second embodiment of the present invention;

FIG. 4 is a flowchart of a method implementation of a third embodiment of the present invention;

FIG. 5 is a schematic diagram of a system configuration according to a fifth embodiment of the present invention;

fig. 6 is a schematic diagram of a system architecture applying a scenario of the embodiment of the present invention.

Detailed Description

The following describes the embodiments in further detail with reference to the accompanying drawings.

A mobile terminal implementing various embodiments of the present invention will now be described with reference to the accompanying drawings. In the following description, suffixes such as "module", "component", or "unit" used to denote elements are used only for facilitating the description of the embodiments of the present invention, and have no specific meaning in themselves. Thus, "module" and "component" may be used in a mixture.

In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components, circuits, and networks disclosed have not been described in detail as not to unnecessarily obscure aspects of the embodiments.

In addition, although the terms "first", "second", etc. are used herein several times to describe various elements (or various thresholds or various applications or various instructions or various operations), etc., these elements (or thresholds or applications or instructions or operations) should not be limited by these terms. These terms are only used to distinguish one element (or threshold or application or instruction or operation) from another element (or threshold or application or instruction or operation). For example, a first operation may be referred to as a second operation, and a second operation may be referred to as a first operation, without departing from the scope of the invention, the first operation and the second operation being operations, except that they are not the same operation.

The steps in the embodiment of the present invention are not necessarily processed according to the described step sequence, and may be optionally rearranged in a random manner, or steps in the embodiment may be deleted, or steps in the embodiment may be added according to requirements.

The term "and/or" in embodiments of the present invention refers to any and all possible combinations including one or more of the associated listed items. It is also to be noted that: when used in this specification, the term "comprises/comprising" specifies the presence of stated features, integers, steps, operations, elements and/or components but does not preclude the presence or addition of one or more other features, integers, steps, operations, elements and/or components and/or groups thereof.

The intelligent terminal (e.g., mobile terminal) of the embodiments of the present invention may be implemented in various forms. For example, the mobile terminal described in the embodiments of the present invention may include a mobile terminal such as a mobile phone, a smart phone, a notebook computer, a Digital broadcast receiver, a Personal Digital Assistant (PDA), a tablet computer (PAD), a Portable Multimedia Player (PMP), a navigation device, and the like, and a fixed terminal such as a Digital TV, a desktop computer, and the like. In the following, it is assumed that the terminal is a mobile terminal. However, it will be understood by those skilled in the art that the configuration according to the embodiment of the present invention can be applied to a fixed type terminal in addition to elements particularly used for moving purposes.

Fig. 1 is a schematic diagram of hardware entities performing information interaction in an embodiment of the present invention, where fig. 1 includes: server 11, terminal devices 21 to 24, server 31, and server 41; the terminal equipment performs information interaction with the server through a wired network or a wireless network, and the terminal equipment comprises a mobile phone, a desktop computer, a PC (personal computer), an all-in-one machine and the like. By adopting the embodiment of the invention, the terminal equipment 21-24 sends out the first request, such as an advertisement request, the server 31 generates the request response priority processing strategy according to the source of the request by dividing in advance, the request response priority processing strategy is taken as the access control strategy, and the access control strategy is sent to the server 11, so that the server 11 can distinguish the request according to the access control strategy and selectively access control the request under the overload condition. The server 41 is a request processing server of the background logic layer, and receives the to-be-processed request transmitted by the server 11 after the server 11 performs selective access control. The server 11 executes a processing logic, wherein, in the processing logic S1, when it is detected that the current overload state is present, a feature parameter is extracted from the received at least one first request, and compared with the access control policy, it is queried whether the feature parameter hits the access control policy. In the processing logic S2, if the characteristic parameter can be queried in the access control policy, selecting a request response priority corresponding to the characteristic parameter, and performing a phased discarding process on the at least one first request according to the request response priority, instead of discarding newly added requests all at once as long as the at least one first request is found to be in an overload state; if the characteristic parameter cannot be queried in the access control policy, it indicates that the extracted characteristic parameter in the first request does not hit the access control policy, the first request is a request which is not necessarily processed in time, and the request is discarded all at once in an overload state, if the server 11 has storage capacity, the request can also be stored in a cache of the server 11, and the first request is processed after the condition that the request is not overloaded currently is checked. It should be noted here that the extracted feature parameter in the first request hits the access control policy, but according to the request discarded in the priority level stage, if the server 11 has storage capacity, the request may also be stored in the cache of the server 11, and the first request is processed after checking that the current situation is not an overload situation.

The above example of fig. 1 is only an example of a system architecture for implementing the embodiment of the present invention, and the embodiment of the present invention is not limited to the system architecture described in the above fig. 1, and various embodiments of the method of the present invention are proposed based on the system architecture described in the above fig. 1.

As shown in fig. 2, an information access control method according to an embodiment of the present invention includes:

step 101, a server receives an access control policy, wherein the access control policy is a request response priority processing policy generated by dividing according to a request source.

Here, as for the access control policy that characterizes the request response processing priority generated for the source of the request, one example is that when the policy is generated for the ad spots eCPM, the ad spots are sorted by eCPM. At this time, the first request includes advertisement position information (for identifying from which advertisement position the advertisement corresponding to the first request comes), since the value of eCPM that can be brought by each advertisement position is different (the value of eCPM is related to advertisement position revenue data and request amount, and a formula for calculating eCPM is: eCPM is total revenue/total request 1000), therefore, an advertisement position that can bring a larger eCPM value may need to be paid more attention, that is, a first request issued from an advertisement position that can bring a larger eCPM value corresponds to a higher priority, and in case of overload or sudden overload, the first request is to be protected preferentially, that is, a request that needs to be processed in time, and cannot be discarded at the first time. While the first request from the slot with the lowest eCPM value has to be discarded for the first time in case of overload or sudden overload. These processes are all judgment and discard processes performed at an access server (e.g., server 11 shown in fig. 1) of the information processing system of the present application. If the request is discarded, the feedback that the execution result is empty is returned to the front end sending the first request, namely the access server returns the empty result to the front end; if the first request is not discarded, the first request is passed through to a logic processing server (e.g., the server 41 shown in fig. 1) in the background, and the first request is processed correspondingly.

Here, as for the access control policy that characterizes the priority of request response processing generated for the source of the request, a second example is that when the policy is generated based on user information, the advertisement spots are sorted by user position information such as province, city, district, county, street, etc. At this time, the first request includes geographical location information of the user (for identifying from which province, city, district, county, and street the advertisement corresponding to the first request comes), and since the CTR value brought by each request originating from a geographical location with different dimensions is different, a request with a larger CTR value needs to be paid more attention, that is, a first request issued from a geographical location with a larger CTR value corresponds to a higher priority, and in case of overload or sudden overload, priority protection is obtained, and the first request is a request that needs to be processed in time and cannot be discarded at the first time. Whereas the first request issued from the geographical location with the lowest CTR value has to be discarded for the first time in case of overload or sudden overload. These processes are all judgment and discard processes performed at an access server (e.g., server 11 shown in fig. 1) of the information processing system of the present application. If the request is discarded, the feedback that the execution result is empty is returned to the front end sending the first request, namely the access server returns the empty result to the front end; if the first request is not discarded, the first request is passed through to a logic processing server (e.g., the server 41 shown in fig. 1) in the background, and the first request is processed correspondingly.

Step 102, when detecting that the server is currently in an overload state, extracting characteristic parameters from at least one received first request.

Here, the characteristic parameter is used to characterize or relate to the source of the request, and is divided into an information bit where the request is located and user information to which the request belongs according to the source of the request.

Step 103, the server inquires whether the characteristic parameter hits the access control strategy, if so, step 104 is executed; otherwise, step 106 is performed.

And 104, if the characteristic parameters can be inquired in the access control strategy, selecting request response priority corresponding to the characteristic parameters.

Here, the request response priority may be identified by a phased process using a flexibility percentage parameter. In a practical application, the first request is a request for advertisement information, and after the advertisement flexible management system generates an access control policy, the access control policy is pushed to the access server cluster. After receiving the advertisement request from the front end, the access server cluster judges whether the characteristics of the advertisement request hit the control strategy, if yes, the access server cluster randomly selects according to the flexibility percentage parameter in the access control strategy, and directly returns an empty result without accessing the logic processing server of the background. By the flexible access control strategy, the pressure of the background logic processing server cluster can be kept stable under the condition that the sudden request of the system is too high, and the processing effect of the key advertisement space can be guaranteed.

Step 105, according to the request response priority, performing a phased discarding process on the at least one first request.

And 106, directly discarding the characteristic parameters if the characteristic parameters cannot be inquired in the access control strategy.

Through

step

102, 106, if the characteristic parameter can be queried in the access control policy, selecting a request response priority corresponding to the characteristic parameter, and performing a phased discarding process on the at least one first request according to the request response priority, instead of discarding a newly added request all at once as long as the request is in an overload state; if the characteristic parameter cannot be inquired in the access control strategy, the extracted characteristic parameter in the first request is not hit in the access control strategy, and the first request is a request which is not necessarily processed in time and is discarded all at once in an overload state.

The accuracy of the above-mentioned staged discarding process depends on how to generate the access control policy, so that, in case of overload, the server can distinguish and access control the access request sent by the front end according to the access control policy.

In an actual application, the request is divided according to the source of the request, a request response priority processing strategy is generated, and the request response priority processing strategy is determined as the access control strategy.

1) Generating the access control strategy based on an advertisement position eCPM: the ad slots are ordered by eCPM.

The most recent N days (e.g., 7 days) of ad spot revenue data and request amount may be pulled, eCPM 1000 total revenue/total request. Excluding ad slots with daily requests below M (e.g., 100 ten thousand), eCPM ranks low to high. The access control strategy is a flexible control mechanism and is segmented and stepped control. The total amount of top P1 (e.g., 10%) requests are taken as the first flex phase, i.e., the data that will be discarded in the first phase. The second flex phase is taken as the total top P2 (e.g., 20%) request. The total top P3 (e.g., 20%) request is taken as the third flexibility phase. And when the characteristic parameter contained in the first request is the advertisement space, comparing the characteristic parameter with the access control strategy generated based on the advertisement space eCPM. If more than 50% of requests are discarded, the cluster pressure of the background logic processing server still cannot be controlled, and a higher-level control strategy needs to be decided through manual intervention.

2) Generating the access control policy based on user information.

The user information and the overall exposure data of the last N days (such as 7 days) of the generated advertisement clicks can be pulled, the province is taken as the dimension, and the CTR is sorted from low to high. The access control strategy is a flexible control mechanism and is segmented and stepped control. Taking the first P1 (such as 10%) province as the first flexibility stage, the first P2 (such as 20%) province as the second flexibility stage, and the first P3 (such as 20%) province as the third flexibility stage. And when the characteristic parameter contained in the first request is user information, comparing the characteristic parameter with the access control strategy generated based on the user information. If more than 50% of requests are discarded, the cluster pressure of the background logic processing server still cannot be controlled, and a higher-level control strategy needs to be decided through manual intervention.

It should be noted that the access control policy generated based on the advertisement space eCPM and based on the user information may be used in combination or in any combination. Since the policy based on the user information is used for screening the accuracy of request discarding, the influence of the policy based on the user information is larger than that of the policy based on the advertisement space, that is, the access control policy is generated based on the user information, and the priority of the access control policy is lower than that of the access control policy generated based on the advertisement space, therefore, when the policy is used in combination, the policy is compared with the access control policy generated based on the user information, and then the access control policy is generated based on the user information. However, if any one of them is selected, it is preferable to generate the access control policy based on user information.

By adopting the staged discarding processing of the embodiment of the invention, different from the prior art, the existing computer access control strategy adopts various methods to discard excessive requests on a single server microscopically, thereby ensuring the normal service of the single server; once overloaded, whatever requests are discarded altogether. The embodiment of the invention distinguishes the requests according to the request scene, decides whether to discard the requests finally, flexibly controls the access of the whole access control system from the business layer, performs differentiation processing on different requests, and controls different requests to perform special access, thereby flexibly suppressing the flow of the whole system and ensuring the processing precision of key requests. The accuracy and processing efficiency are higher while ensuring that the system is usable.

As shown in fig. 3, an information access control method according to an embodiment of the present invention includes:

step 201, the source of the request is identified by the information bit of the first request, and the information bit of the first request is sorted according to the first feedback value obtained by information display, so as to generate a sorting result.

Here, the first feedback value may be eCPM, which refers to: the advertising revenue that can be obtained is shown every thousand times, and the unit of display can be a webpage, an advertising unit or even a single advertisement. By default, eCPM refers to revenue from thousands of web page presentations.

Step 202, dividing the sorting result according to the first feedback total quantity obtained by information display to obtain a staged request response priority, and obtaining the access control strategy according to the staged request response priority.

Here, when the sorting result is divided according to the first total feedback amount obtained by information display, the percentage parameter is obtained by dividing according to percentage. The percentage parameter is randomly selected, the selected request does not access the background logic processing server, and the empty execution result is directly returned to the front end. For example, taking the generation of the access control policy based on the eCPM as an example, the access control policy is a step-by-step control, and the total amount of the top P1 (e.g., 10%) requests are taken as the first flexible phase, i.e., the data to be discarded in the first phase. The second flex phase is taken as the total top P2 (e.g., 20%) request. The total top P3 (e.g., 20%) request is taken as the third flexibility phase.

Here, when generating a policy for the ad slots eCPM, the ad slots are ordered by eCPM. At this time, the first request includes advertisement position information (for identifying from which advertisement position the advertisement corresponding to the first request comes), since the value of eCPM that can be brought by each advertisement position is different (the value of eCPM is related to advertisement position revenue data and request amount, and a formula for calculating eCPM is: eCPM is total revenue/total request 1000), therefore, an advertisement position that can bring a larger eCPM value may need to be paid more attention, that is, a first request issued from an advertisement position that can bring a larger eCPM value corresponds to a higher priority, and in case of overload or sudden overload, the first request is to be protected preferentially, that is, a request that needs to be processed in time, and cannot be discarded at the first time. While the first request from the slot with the lowest eCPM value has to be discarded for the first time in case of overload or sudden overload. These processes are all judgment and discard processes performed at an access server (e.g., server 11 shown in fig. 1) of the information processing system of the present application. If the request is discarded, the feedback that the execution result is empty is returned to the front end sending the first request, namely the access server returns the empty result to the front end; if the first request is not discarded, the first request is passed through to a logic processing server (e.g., the server 41 shown in fig. 1) in the background, and the first request is processed correspondingly.

Step 203, when detecting that the server is currently in an overload state, the server receives at least one first request, identification information carried in the at least one first request includes an information bit where the first request is located, determines the information bit where the first request is located as the characteristic parameter, and extracts the characteristic parameter.

Here, the characteristic parameter is used to characterize a source of the request or is related to the source of the request, and may be divided into an information bit where the request is located and user information where the request belongs according to the source of the request, specifically, the information bit where the first request is located in this embodiment.

Step 204, the server inquires whether the characteristic parameter hits the access control strategy, if so, step 205 is executed; otherwise, step 207 is performed.

Step 205, if the characteristic parameter can be queried in the access control policy, selecting a request response priority corresponding to the characteristic parameter.

Step 206, performing a phased discarding process on the at least one first request according to the request response priority.

And step 207, directly discarding the characteristic parameters if the characteristic parameters cannot be inquired in the access control strategy.

Through step 203-; if the characteristic parameter cannot be inquired in the access control strategy, the extracted characteristic parameter in the first request is not hit in the access control strategy, and the first request is a request which is not necessarily processed in time and is discarded all at once in an overload state.

In an actual application, the request is divided according to the source of the request, a request response priority processing strategy is generated, and the request response priority processing strategy is determined as the access control strategy. Generating the access control strategy based on an advertisement position eCPM: the ad slots are ordered by eCPM.

As shown in fig. 4, an information access control method according to an embodiment of the present invention includes:

step 301, the source of the request is identified by the user information to which the first request belongs, and the user information to which the first request belongs is sorted according to the second feedback value obtained by information display, so as to generate a sorting result.

Here, the second feedback value may be CTR, where CTR refers to an advertisement click rate, and the second feedback value is used to input a keyword in a search engine, search the keyword, arrange related webpages in order according to factors such as bidding, and then a user may select a website that the user is interested in to click in, take the number of times of searching out of a website as the total number of times, and call the click rate as a ratio of the number of times of clicking and entering the website by the user to the total number of times. The CTR of the embodiment of the invention is evaluated according to the user position information, country, province, city, district, county, street and the like, the user information which generates the advertisement click and the whole exposure data in the last N days (such as 7 days) are drawn, the province is taken as the dimension, and the CTR is sorted according to the low to high.

And 302, dividing the sequencing result according to the second feedback total quantity obtained by information display to obtain a staged request response priority, and obtaining the access control strategy according to the staged request response priority.

Here, when the sorting result is divided according to the second feedback total amount obtained by information display, the percentage parameter is obtained by dividing according to percentage. The percentage parameter is randomly selected, the selected request does not access the background logic processing server, and the empty execution result is directly returned to the front end. As an example, the access control policy is generated based on user information, and is a stepwise control of segments. Taking the first P1 (such as 10%) province as the first flexibility stage, the first P2 (such as 20%) province as the second flexibility stage, and the first P3 (such as 20%) province as the third flexibility stage.

Here, as for the access control policy that characterizes the priority of request response processing generated for the source of the request, one example is when generating the policy based on user information, that is, sorting advertisement spots by user position information such as province, city, district, county, street, and the like. At this time, the first request includes geographical location information of the user (for identifying from which province, city, district, county, and street the advertisement corresponding to the first request comes), and since the CTR value brought by each request originating from a geographical location with different dimensions is different, a request with a larger CTR value needs to be paid more attention, that is, a first request issued from a geographical location with a larger CTR value corresponds to a higher priority, and in case of overload or sudden overload, priority protection is obtained, and the first request is a request that needs to be processed in time and cannot be discarded at the first time. Whereas the first request issued from the geographical location with the lowest CTR value has to be discarded for the first time in case of overload or sudden overload. These processes are all judgment and discard processes performed at an access server (e.g., server 11 shown in fig. 1) of the information processing system of the present application. If the request is discarded, the feedback that the execution result is empty is returned to the front end sending the first request, namely the access server returns the empty result to the front end; if the first request is not discarded, the first request is passed through to a logic processing server (e.g., the server 41 shown in fig. 1) in the background, and the first request is processed correspondingly.

Step 303, when detecting that the server is currently in an overload state, the server receives at least one first request, where identification information carried in the at least one first request includes user information to which the first request belongs, determines the user information to which the first request belongs as the characteristic parameter, and extracts the characteristic parameter.

Here, the characteristic parameter is used to characterize a source of the request or is related to the source of the request, and may be divided into an information bit where the request is located and user information to which the request belongs according to the source of the request, which is specifically user information to which the first request belongs in this embodiment, such as user geographical location information.

Step 304, the server inquires whether the characteristic parameter hits the access control strategy, if so, step 305 is executed; otherwise, step 307 is executed.

Step 305, if the characteristic parameter can be queried in the access control policy, selecting a request response priority corresponding to the characteristic parameter.

Step 306, performing a phased discarding process on the at least one first request according to the request response priority.

Step 307, the feature parameters are not queried in the access control policy, and discarding processing is directly performed.

Through step 303-; if the characteristic parameter cannot be inquired in the access control strategy, the extracted characteristic parameter in the first request is not hit in the access control strategy, and the first request is a request which is not necessarily processed in time and is discarded all at once in an overload state.

In a practical application, dividing according to the source of the request, generating a request response priority processing strategy, determining the request response priority processing strategy as the access control strategy, and generating the access control strategy based on user information. The user information and the overall exposure data of the last N days (such as 7 days) of the generated advertisement clicks can be pulled, the province is taken as the dimension, and the CTR is sorted from low to high. The access control strategy is a flexible control mechanism and is segmented and stepped control. Taking the first P1 (such as 10%) province as the first flexibility stage, the first P2 (such as 20%) province as the second flexibility stage, and the first P3 (such as 20%) province as the third flexibility stage. And when the characteristic parameter contained in the first request is user information, comparing the characteristic parameter with the access control strategy generated based on the user information. If more than 50% of requests are discarded, the cluster pressure of the background logic processing server still cannot be controlled, and a higher-level control strategy needs to be decided through manual intervention.

Based on the foregoing embodiment, in an information access control method according to an embodiment of the present invention, if the feature parameter can be queried in the access control policy, selecting a request response priority corresponding to the feature parameter, and performing a phased discard process on the at least one first request according to the request response priority, includes: 1) and when the information bit of the first request is inquired from the access control strategy, if the information bit of the first request corresponds to the request response priority of the first stage in the access control strategy, discarding the first request, and returning a feedback that the processing result is empty to a request initiator. 2) If the information bit where the first request is located corresponds to the request response priority of the x-th stage in the access control strategy, and x is a positive integer greater than 1, judging according to the current overload state and the executed discarding process, when detecting that the staged discarding process sequentially executed prior to the request response priority of the x-th stage still cannot relieve the overload condition, discarding the first request matched with the request response priority of the x-th stage, and returning the feedback that the processing result is empty to the request initiator. 3) If the request which is not processed by the discarding process is transmitted to the logic processing server of the background in the process of the staged discarding process, the logic processing server corresponds to the first request and provides corresponding service feedback. For example, in the current overload state, after the request "request a 1" meeting the request response priority in the first stage is filtered and discarded according to the access control policy, other requests that are not filtered and matched are transparently transmitted, and the requests "requests a2, … … An" that are not discarded are transparently transmitted to the logic processing server in the background, and the logic processing server responds to the first request and provides corresponding service feedback.

As shown in fig. 5, the information access control system according to the embodiment of the present invention includes a terminal 51, an access server 61, a policy generation server 71, and a logic processing server 81; wherein, the access server 61 includes: a receiving unit 611, configured to receive an access control policy, where the access control policy is a request response priority processing policy generated by dividing according to a source of a request; a detecting unit 612, configured to extract a feature parameter from at least one received first request when it is detected that the request is currently in an overload state, where the feature parameter is used to characterize a source of the request or is related to the source of the request, and is divided into an information bit where the request is located and user information to which the request belongs according to the source of the request; a query unit 613, configured to query whether the feature parameter hits in the access control policy; a discard execution unit 614, configured to select a request response priority corresponding to the feature parameter if the feature parameter can be queried in the access control policy, and perform a phased discard processing on the at least one first request according to the request response priority; otherwise, directly performing discarding processing.

One example of generating the access control policy characterizing the processing priority of request responses for the source of the request is when generating a policy for the ad spots eCPM, i.e. ordering the ad spots according to the eCPM. At this time, the first request includes advertisement position information (for identifying from which advertisement position the advertisement corresponding to the first request comes), since the value of eCPM that can be brought by each advertisement position is different (the value of eCPM is related to advertisement position revenue data and request amount, and a formula for calculating eCPM is: eCPM is total revenue/total request 1000), therefore, an advertisement position that can bring a larger eCPM value may need to be paid more attention, that is, a first request issued from an advertisement position that can bring a larger eCPM value corresponds to a higher priority, and in case of overload or sudden overload, the first request is to be protected preferentially, that is, a request that needs to be processed in time, and cannot be discarded at the first time. While the first request from the slot with the lowest eCPM value has to be discarded for the first time in case of overload or sudden overload. These processes are all judgment and discard processes performed at an access server (e.g., server 11 shown in fig. 1) of the information processing system of the present application. If the request is discarded, the feedback that the execution result is empty is returned to the front end sending the first request, namely the access server returns the empty result to the front end; if the first request is not discarded, the first request is passed through to a logic processing server (e.g., the server 41 shown in fig. 1) in the background, and the first request is processed correspondingly.

The request response priority may be identified by staging using a flexibility percentage parameter. In a practical application, the first request is a request for advertisement information, and after the advertisement flexible management system generates an access control policy, the access control policy is pushed to the access server cluster. After receiving the advertisement request from the front end, the access server cluster judges whether the characteristics of the advertisement request hit the control strategy, if yes, the access server cluster randomly selects according to the flexibility percentage parameter in the access control strategy, and directly returns an empty result without accessing the logic processing server of the background. By the flexible access control strategy, the pressure of the background logic processing server cluster can be kept stable under the condition that the sudden request of the system is too high, and the processing effect of the key advertisement space can be guaranteed.

If the characteristic parameters can be inquired in the access control strategy, selecting a request response priority corresponding to the characteristic parameters, and performing staged discarding processing on the at least one first request according to the request response priority instead of discarding newly added requests all by all as long as the condition that the at least one first request is in an overload state is found; if the characteristic parameter cannot be inquired in the access control strategy, the extracted characteristic parameter in the first request is not hit in the access control strategy, and the first request is a request which is not necessarily processed in time and is discarded all at once in an overload state.

2) Generating the access control policy based on user information.

In an implementation manner of the embodiment of the present invention, the receiving unit is further configured to receive an access control policy, where a generation rule of the access control policy includes: the source of the request is identified through the information bit of the first request, the information bit of the first request is sequenced according to the first feedback value obtained by information display, and a sequencing result is generated; and dividing the sequencing result according to the first feedback total quantity obtained by information display to obtain a staged request response priority, and obtaining the access control strategy according to the staged request response priority.

In an implementation manner of the embodiment of the present invention, the server further includes: a characteristic parameter determination unit configured to: analyzing the identification information carried in the first request as the information bit of the first request; and determining the information bit where the first request is located as the characteristic parameter.

In an implementation manner of the embodiment of the present invention, the receiving unit is further configured to receive an access control policy, where a generation rule of the access control policy includes: the source of the request is identified through the user information to which the first request belongs, the user information to which the first request belongs is sorted according to the second feedback value obtained by information display, and a sorting result is generated; and dividing the sequencing result according to the second feedback total quantity obtained by information display to obtain a staged request response priority, and obtaining the access control strategy according to the staged request response priority.

In an implementation manner of the embodiment of the present invention, the server further includes: a characteristic parameter determination unit configured to: analyzing the identification information carried in the first request as the user information to which the first request belongs; and determining the user information to which the first request belongs as the characteristic parameter.

In an implementation manner of the embodiment of the present invention, the discard executing unit is further configured to: when the information bit of the first request is inquired from the access control strategy, if the information bit of the first request corresponds to the request response priority of the first stage in the access control strategy, the first request is discarded, and the feedback that the processing result is empty is returned to the request initiator; if the information bit where the first request is located corresponds to the request response priority of the x-th stage in the access control strategy, and x is a positive integer greater than 1, judging according to the current overload state and the executed discarding process, when detecting that the staged discarding process sequentially executed prior to the request response priority of the x-th stage still cannot relieve the overload condition, discarding the first request matched with the request response priority of the x-th stage, and returning the feedback that the processing result is empty to the request initiator.

As for the processor for data Processing, when executing Processing, the processor can be implemented by a microprocessor, a Central Processing Unit (CPU), a Digital Signal Processor (DSP), or a Programmable logic Array (FPGA); for the storage medium, the storage medium contains operation instructions, which may be computer executable codes, and the operation instructions implement the steps in the flow of the information processing method according to the above-described embodiment of the present invention.

Here, it should be noted that: the above description related to the terminal and the server items is similar to the above description of the method, and the description of the beneficial effects of the same method is omitted for brevity. For technical details not disclosed in the embodiments of the terminal and the server of the present invention, please refer to the description of the embodiments of the method flow of the present invention.

The embodiment of the invention is explained by taking a practical application scene as an example as follows:

in the access control scene aiming at the advertisement platform, the advertisement platform serves billions of users, the total access amount per day reaches billions, so that the huge access amount is generated, if abnormal fluctuation occurs in the request, huge pressure is brought to a background server, and income loss can be directly caused. The advertisement platform can handle traffic under a large number of different ad slots, while the ecpms of different ad slots are different, and it is obviously not desirable if not processing all overload requests to discard, so a more intelligent access control strategy is needed to control access traffic. For this problem, one overload protection scheme based on sliding windows is: setting a sliding window representing a time period, wherein the sliding window records a request received by a server in the corresponding time period; and when the server receives a new request, detecting the current load state of the server according to the request received by the server and recorded by the sliding window, and judging whether to process the request according to the detection result. Another buffer-based access control scheme is: when the cache area for storing the network data is full, judging whether to discard the received network data according to a preset discarding strategy; if the judgment result is that the network data is not discarded, the received network data is stored in the cache region to replace the original network data in the cache region; and taking out the network data in the buffer area and sending the network data to the next-level equipment. However, in both of these schemes, the access control policy adopted is to microscopically discard excessive requests on a single server by using various methods, so as to ensure normal service of the single server; once overloaded, whatever request is discarded, the request cannot be suppressed for advertisement scene differentiation, the granularity is coarse, and the access control policy is not flexible enough.

For the above access control scenario, by adopting the embodiment of the present invention, under the condition of traffic overload, the stability of the overall service and the processing effect of the key advertisement space can be ensured, and the advertisement request is prevented from being discarded under the overload condition all the time. According to the embodiment of the invention, the access of the whole system is flexibly controlled from a business layer, different advertisement space requests are processed in a differentiated mode, and different requests are controlled by the access server to carry out special access, so that the flow of the whole system is flexibly suppressed, and the processing effect of key advertisement spaces is guaranteed. The related technical terms comprise: 1) flexibility, the usability of key services can be ensured as much as possible; 2) eCPM: effective cost per mile, which means that the advertising revenue that can be obtained for every thousand impressions is shown; 3) CTR: click-through Rate, number of clicks divided by number of exposures.

In the system architecture of fig. 6, access control policies are generated by the ad flexibility management system and pushed to the cluster of access servers. After receiving the front-end advertisement request, the access server cluster judges whether the advertisement request features hit the control strategy, if the control strategy is hit, random selection is carried out according to the flexibility percentage parameter in the strategy, and the selected request directly returns an empty result without accessing the background logic processing server. By the flexible access control strategy, the pressure of the background logic processing server cluster can be kept stable under the condition that the sudden request of the system is too high, and the processing effect of the key advertisement space can be guaranteed.

The access control policy is generated by an ad slot compliance management system. The method comprises the following steps:

one, based on the ad slot generation policy (ad request traffic of preferred processing is controlled according to the ad slot eCPM ordering).

The ad spot revenue data and the amount of requests for the last N days (e.g., 7 days) are pulled, eCPM 1000 total revenue/total requests. Excluding ad slots with daily requests below M (e.g., 100 ten thousand), eCPM ranks low to high. The flexibility control is a stepwise control, taking the total amount of the first P1 (e.g., 10%) requests as the first flexibility stage, i.e., the data that will be discarded by the first stage. The second flex phase is taken as the total top P2 (e.g., 20%) request. The total top P3 (e.g., 20%) request is taken as the third flexibility phase.

If more than 50% of requests are discarded, the cluster pressure of the background logic processing server still cannot be controlled, and a higher-level control strategy needs to be decided through manual intervention.

Second, a policy is generated based on the user information (advertisement request traffic for preferred processing is controlled according to the user province CTR ranking).

And pulling the user information and the overall exposure data which are generated by the advertisement clicks in the last N days (such as 7 days), taking provinces as dimensions, and sequencing CTR from low to high. The flexibility control is a step-by-step control, the first flexibility stage is the first P1 (such as 10%) province, the second flexibility stage is the first P2 (such as 20%) province, and the third flexibility stage is the first P3 (such as 20%) province.

User information based policies have a greater impact on revenue than ad slot based policies, so the priority is lower than ad slot based policies. If more than 50% of requests are discarded, the cluster pressure of the background logic processing server still cannot be controlled, and a higher-level control strategy needs to be decided through manual intervention.

In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, all the functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may be separately regarded as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.

Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: a mobile storage device, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

Alternatively, the integrated unit of the present invention may be stored in a computer-readable storage medium if it is implemented in the form of a software functional unit and sold or used as a separate product. Based on such understanding, the technical solutions of the embodiments of the present invention may be essentially implemented or a part contributing to the prior art may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the methods described in the embodiments of the present invention. And the aforementioned storage medium includes: a removable storage device, a ROM, a RAM, a magnetic or optical disk, or various other media that can store program code.

The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims

1. An information access control method, characterized in that the method comprises:

receiving an access control strategy, wherein the access control strategy is a request response priority processing strategy generated by dividing according to the source of a request and is used for dividing the received request;

2. The method of claim 1, wherein the access control policy is a request response priority handling policy generated by partitioning according to the source of the request, and comprises:

3. The method according to claim 2, wherein the identification information carried in the first request includes an information bit where the first request is located;

4. The method of claim 1, wherein the access control policy is a request response priority handling policy generated by partitioning according to the source of the request, and comprises:

5. The method according to claim 4, wherein the identification information carried in the first request includes user information to which the first request belongs;

6. The method according to claim 3 or 5, wherein if the characteristic parameter can be queried in the access control policy, selecting a request response priority corresponding to the characteristic parameter, and performing a phased discard process on the at least one first request according to the request response priority, comprises:

7. A server, characterized in that the server comprises:

a receiving unit, configured to receive an access control policy, where the access control policy is a request response priority processing policy generated by dividing according to a source of a request, and is used to distinguish received requests;

8. The server according to claim 7, wherein the receiving unit is further configured to receive an access control policy, where the rule for generating the access control policy includes:

9. The server of claim 8, further comprising: a characteristic parameter determination unit configured to:

10. The server according to claim 7, wherein the receiving unit is further configured to receive an access control policy, where the rule for generating the access control policy includes:

11. The server according to claim 10, further comprising: a characteristic parameter determination unit configured to:

12. The server according to claim 9 or 11, wherein the discard execution unit is further configured to:

13. A computer-readable storage medium, in which a computer program is stored, the computer program being executable by a processor to implement the steps in the information access control method of any one of claims 1 to 6.