CN106411978B - Resource caching method and device - Google Patents
Resource caching method and device Download PDFInfo
- Publication number
- CN106411978B CN106411978B CN201510464724.6A CN201510464724A CN106411978B CN 106411978 B CN106411978 B CN 106411978B CN 201510464724 A CN201510464724 A CN 201510464724A CN 106411978 B CN106411978 B CN 106411978B
- Authority
- CN
- China
- Prior art keywords
- resource
- server
- caching
- terminal device
- internet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000012545 processing Methods 0.000 claims description 21
- 230000005540 biological transmission Effects 0.000 claims description 6
- 238000012546 transfer Methods 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 8
- 230000004044 response Effects 0.000 description 8
- 230000011664 signaling Effects 0.000 description 4
- 241000700605 Viruses Species 0.000 description 3
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 3
- 230000003139 buffering effect Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
- 238000004880 explosion Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000009440 infrastructure construction Methods 0.000 description 1
- 230000004807 localization Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/40—Support for services or applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention provides a resource caching method, which comprises the steps that an internet caching device determines that resources meet a first caching condition after receiving the resources returned to a terminal device by a resource server; sending an analysis request to an analysis server, wherein the analysis request carries a domain name in the URL of the resource; receiving the identifier of the server obtained by analyzing the domain name in the URL of the resource by the analysis server; and when the server identifier obtained by analysis is the resource server identifier, caching the resource, wherein caching the resource comprises caching the resource in the internet caching device so as to provide the resource for the terminal equipment accessing the resource. The method and the device can prevent the Internet cache device from caching the malicious resources, so that the malicious resources are prevented from being provided for other terminal equipment users as source server resources.
Description
Technical Field
The present invention relates to the field of communications, and in particular, to a resource caching method and apparatus.
Background
With the explosion of the internet, the network traffic is rapidly increased, which brings huge challenges to network operators. The network infrastructure has huge expansion investment and is difficult to match the growth speed of the user traffic. The internet Cache (Web Cache) system is one of the effective ways to solve this problem. Most of the current network traffic comes from hypertext transfer Protocol (HTTP), which mainly includes video, file downloading, web browsing, and the like.
The Web Cache caches hot resources to the local based on the idea of storage bandwidth exchange and flow localization, directly provides services for terminal equipment users from the local, greatly reduces flow to a superior network, saves investment of network operators, such as network infrastructure construction, inter-network settlement cost and the like, simultaneously reduces time delay of responding to terminal equipment access, and improves user experience.
The transparent Cache is an implementation mode of the Web Cache, and the transparent Cache technology means that the transparent Cache interacts with terminal equipment by using a Web server address and interacts with the Web server by using the terminal equipment address, so that the terminal equipment and the Web server have no perception on a Cache system. Generally, the transparent cache determines an IP address of a source server according to an IP address of a target Internet Protocol (Internet Protocol) in a request message for establishing a Transmission Control Protocol (TCP) connection by a terminal device, if the message is maliciously forged by the terminal device or points to a malicious website, the WebCache may be caused to cache malicious content locally and provide the malicious content to other terminal device users as the content of the source server, for example, after the terminal device establishes a TCP connection with the malicious website through the transparent cache, an access request is falsely caused to Get http:// www.baidu.com/20150619qq _ setup.exe is sent to the malicious website through the transparent cache, the malicious website returns a Trojan virus to the terminal device through the transparent cache, if the transparent cache judges that a resource indicated by http:// www.baidu.com/20150619qq _ setup.exe is a hot resource, the Trojan virus returned by the malicious website is cached locally, when the other terminal users obtain the real resources indicated by http:// www.baidu.com/20150619qq _ setup.exe, the transparent cache will return the Trojan horse virus to other terminal equipment.
Disclosure of Invention
Embodiments of the present invention provide a resource caching method and device, which can prevent an internet caching device from caching malicious resources, thereby preventing the malicious resources from being provided to other terminal device users as source server resources.
In a first aspect, a resource caching method is provided, and the method includes: after receiving the resources returned to the terminal equipment by the resource server, the Internet cache device determines that the resources meet a first cache condition; the Internet cache device sends an analysis request to an analysis server, wherein the analysis request carries a domain name in a Uniform Resource Locator (URL) of the resource; the Internet cache device receives the server identification obtained by the resolution of the resolution server according to the domain name in the URL of the resource; when the server identifier obtained by the analysis is the resource server identifier, the internet cache device caches the resource, and caching the resource comprises caching the resource in the internet cache device so as to provide the resource for the terminal equipment accessing the resource.
With reference to the implementation manner of the first aspect, in a first possible implementation manner of the first aspect, before the receiving the resource returned by the resource server to the terminal device, the method further includes: the internet cache device receives a connection request which is sent by the terminal equipment and used for establishing connection with the resource server, wherein the connection request carries the identification of the terminal equipment and the identification of the resource server; the internet cache device establishes connection between the terminal equipment and the resource server; the internet cache device receives an access request for the resource sent by the terminal equipment, wherein the access request carries a domain name in a URL (uniform resource locator) of the resource; the Internet cache device sends the access request to the resource server according to the established connection between the terminal equipment and the resource server; and the Internet cache device receives the resources returned by the resource server.
With reference to the first aspect and the first possible implementation manner of the first aspect, in a second possible implementation manner, when the identifier of the server obtained through the analysis is not the identifier of the resource server, the internet caching device does not cache the resource.
With reference to the first aspect and the first to second possible implementation manners of the first aspect, in a third possible implementation manner, the establishing, by the internet caching apparatus, a connection between the terminal device and the resource server includes: the internet cache device establishes the connection between the terminal equipment and the resource server through the identification of the terminal equipment, wherein the identification of the terminal equipment comprises the internet protocol IP address of the terminal equipment.
With reference to the first aspect and the first to third possible implementation manners of the first aspect, in a fourth possible implementation manner, the internet caching device further sends the resource to the terminal device, the internet caching device sends the resource to the terminal device through an identifier of the resource server, and the identifier of the resource server includes an IP address of the resource server.
With reference to the first aspect and the first to fourth possible implementation manners of the first aspect, in a fifth possible implementation manner, the connection request includes a transmission control protocol TCP connection request, the access request to the resource includes a hypertext transfer protocol HTTP request, and the resolution server includes a domain name system DNS server.
With reference to the first aspect and the first to fifth possible implementation manners of the first aspect, in a sixth possible implementation manner, the determining that the resource satisfies the first caching condition includes determining that the resource satisfies a resource access heat statistic condition, where the resource access heat statistic includes statistics of frequency of accessing the same resource within a certain time.
In a second aspect, a resource caching apparatus is provided, which includes a processing module, a sending module, a receiving module, and a caching module: the processing module is used for determining that the resource meets a first cache condition after the receiving module receives the resource returned to the terminal equipment by the resource server; the sending module is used for sending an analysis request to an analysis server, wherein the analysis request carries a domain name in a Uniform Resource Locator (URL) of the resource; the receiving module is used for receiving the identifier of the server obtained by analyzing the domain name in the URL of the resource by the analyzing server; and the caching module is used for caching the resource when the server identifier obtained by analysis is the identifier of the resource server, wherein the caching of the resource comprises caching of the resource in the caching module so as to provide the resource for the terminal equipment accessing the resource.
With reference to the implementation manner of the second aspect, in a first possible implementation manner of the second aspect, the receiving module is further configured to receive, before the resource returned by the resource server to the terminal device is received, a connection request for establishing a connection with the resource server, where the connection request carries an identifier of the terminal device and an identifier of the resource server; the processing module is also used for establishing the connection between the terminal equipment and the resource server; the receiving module is further configured to receive an access request for the resource sent by the terminal device, where the access request carries a domain name in a URL of the resource; the sending module is further configured to send the access request to the resource server according to the established connection between the terminal device and the resource server; the receiving module is further configured to receive the resource returned by the resource server.
With reference to the second aspect and the first possible implementation manner of the second aspect, in a second possible implementation manner, the caching module is further configured to not cache the resource when the identifier of the server obtained through the parsing is not the identifier of the resource server.
With reference to the second aspect and the first to second possible implementation manners of the second aspect, in a third possible implementation manner, the establishing, by the processing module, a connection between the terminal device and the resource server includes: the processing module is further configured to establish a connection between the terminal device and the resource server through an identifier of the terminal device, where the identifier of the terminal device includes an internet protocol IP address of the terminal device.
With reference to the second aspect and the first to third possible implementation manners of the second aspect, in a fourth possible implementation manner, the sending module is further configured to send the resource to the terminal device, where the sending module sends the resource to the terminal device through an identifier of the resource server, and the identifier of the resource server includes an IP address of the resource server.
With reference to the second aspect and the first to fourth possible implementation manners of the second aspect, in a fifth possible implementation manner, the connection request includes a transmission control protocol TCP connection request, the access request to the resource includes a hypertext transfer protocol HTTP request, and the resolution server includes a domain name system DNS server.
With reference to the second aspect and the first to fifth possible implementation manners of the second aspect, in a sixth possible implementation manner, the determining that the resource satisfies the first caching condition includes determining that the resource satisfies a statistical condition of resource access heat, where the statistical condition of resource access heat includes statistics of frequency of accessing the same resource in a certain time.
According to the technical scheme provided by the embodiment of the invention, after the resource returned to the terminal equipment by the resource server is received, the resource is determined to meet the first caching condition, the analysis request is sent to the analysis server, the domain name of the resource is carried in the analysis request, the identifier of the server obtained by analyzing according to the domain name of the resource by the analysis server is received, when the identifier of the server obtained by analyzing is the identifier of the resource server, the resource is cached, the resource caching comprises the step of caching the resource in the internet caching device so as to be provided for the terminal equipment accessing the resource, the internet caching device can be prevented from caching the malicious resource, and therefore the malicious resource can be prevented from being provided for other terminal users as the source server resource.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic diagram of a network architecture to which embodiments of the present invention are applied;
FIG. 2 is an exemplary flow chart of a resource caching method according to an embodiment of the invention;
FIG. 3 is an exemplary signaling diagram of a resource caching method according to an embodiment of the present invention;
FIG. 4 is an exemplary signaling diagram of a resource caching method according to another embodiment of the present invention;
FIG. 5 is a hardware architecture diagram of a general computer architecture in accordance with one embodiment of the present invention;
fig. 6 is a schematic structural diagram of a resource caching apparatus according to an embodiment of the invention.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as particular system structures, interfaces, techniques, etc. in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
Fig. 1 is a schematic network architecture diagram of a resource caching method according to an embodiment of the invention.
The internet caching apparatus 102 is disposed between the terminal device 101 and the resource server 104, monitors a resource access request sent by the terminal device 101, and may locally store a copy of a response returned by the resource server 104, where the response returned by the resource server 104 may be, for example, but not limited to, at least one of a hypertext Markup Language (HTML) webpage, a picture, a video, and a file download. When a request for accessing the same resource is subsequently received from the terminal device 101 or another terminal device, the internet cache device 102 returns a response copy stored locally to the user, so that the request to the resource server 104 is not required.
The resolution server 103 may be, for example, but not limited to, a Domain Name System (DNS) server, a distributed database on the internet as a mapping between a Domain Name and an IP address, and a process of finally obtaining the IP address corresponding to the host Name by the host Name is called Domain Name resolution or host Name resolution. In Request For Comments (RFC) included in internet standards, RFC 2181, RFC 2136, and RFC 2308 describe DNS.
In the network architecture of the resource caching method according to an embodiment of the present invention, the terminal device 101 sends a resource access request to the internet caching device 102, the internet caching device 102 forwards the resource access request to the corresponding resource server 104, the resource server 104 returns the resource requested to be accessed by the terminal device 101 to the internet caching device 102, and the internet caching device 102 forwards the resource to the terminal device 101. The internet caching device 102 determines whether the resource needs to be cached, and when it is determined that the resource needs to be cached, the request resolution server 103 resolves a domain name in a Uniform Resource Locator (URL) of the resource to obtain a server identifier, and if the server identifier obtained by the resolution is the same as the identifier of the resource server 104, the resource is cached, otherwise, the resource is not cached.
In an implementation manner of the embodiment of the present invention, the internet caching apparatus is an independent entity apparatus, may also be set in other apparatuses as a functional entity, and may also have other names.
FIG. 2 is an exemplary flow chart of a resource caching method 200 according to an embodiment of the invention. In particular implementations, the resource caching method 200 may be performed by, for example, but not limited to, an internet caching device, which may be, for example, but not limited to, a transparent cache. A resource server is one implementation of a Web server.
S202, after receiving the resources returned to the terminal equipment by the resource server, the Internet cache device determines that the resources meet a first cache condition.
In an implementation manner of the embodiment of the present invention, the determining that the resource satisfies the first cache condition includes determining that the resource satisfies a resource access heat statistic condition, where the resource access heat statistic includes statistics of a frequency of accessing the same resource within a certain time.
In an implementation manner of the embodiment of the present invention, before the resource returned to the terminal device by the resource server is received:
the internet cache device receives a connection request which is sent by the terminal equipment and used for establishing connection with the resource server, wherein the connection request carries the identification of the terminal equipment and the identification of the resource server;
the internet cache device establishes connection between the terminal equipment and the resource server;
the internet cache device receives an access request for the resource sent by the terminal equipment, wherein the access request carries a domain name in a URL (uniform resource locator) of the resource;
the Internet cache device sends the access request to the resource server according to the established connection between the terminal equipment and the resource server;
and the Internet cache device receives the resources returned by the resource server.
In an implementation manner of the embodiment of the present invention, the connection request may be, for example and without limitation, a Transmission Control Protocol (TCP) connection request, and the access request to the resource may be, for example and without limitation, an HTTP request.
In an implementation manner of the embodiment of the present invention, the internet caching apparatus establishes a connection between the terminal device and the resource server through an identifier of the terminal device, and the internet caching apparatus sends the access request to the resource server through the identifier of the terminal device, where the identifier of the terminal device includes an IP address of the terminal device.
In an implementation manner of the embodiment of the present invention, the internet caching apparatus sends the resource returned by the resource server to the terminal device through the identifier of the resource server, where the identifier of the resource server includes an IP address of the resource server.
Specifically, the resource returned by the resource server may be, for example and without limitation, at least one of an HTML webpage, a picture, a video, and a file download.
And S204, the Internet cache device sends an analysis request to an analysis server, wherein the analysis request carries the domain name in the URL of the resource.
And S206, the Internet cache device receives the server identifier obtained by analyzing the domain name in the URL of the resource by the analysis server.
In S204 and S206, in one implementation of the embodiment of the present invention, the resolution server includes a DNS server. The resolution request is used to request the DNS server to resolve a domain name in the URL for the resource. The result of the resolution indicates the IP address of the server.
And S208, when the server identifier obtained by analysis is the identifier of the resource server, caching the resource by the Internet caching device, wherein the caching of the resource comprises caching the resource in the Internet caching device so as to provide the resource for the terminal equipment accessing the resource.
Wherein, the terminal device providing access to the resource includes providing the terminal device providing access to the resource and providing the terminal device providing access to the resource again.
In an implementation manner of the embodiment of the present invention, when the identifier of the server obtained through the parsing is not the identifier of the resource server, the internet caching device does not cache the resource.
In an implementation manner of the embodiment of the present invention, when the resolved identifier of the server is the IP address of the resource server, the internet caching device caches the resource locally. And when the analyzed identifier of the server is not the IP address of the resource server, the Internet caching device does not cache the resource locally.
In an implementation manner of the embodiment of the present invention, when at least the following two conditions are satisfied, the internet caching device caches the resource locally:
1. when the statistical condition of the resource access heat is met;
2. and when the server identifier obtained by analysis is the resource server identifier, the resource server identifier is satisfied.
In addition, after receiving the resource returned to the terminal device by the resource server, the internet caching device can further determine whether the resource needs to be cached according to the size and the type of the resource.
According to the technical scheme provided by the embodiment of the invention, after the resource returned to the terminal equipment by the resource server is received, the resource is determined to meet the first caching condition, the analysis request is sent to the analysis server, the domain name of the resource is carried in the analysis request, the identifier of the server obtained by analyzing according to the domain name of the resource by the analysis server is received, when the identifier of the server obtained by analyzing is the identifier of the resource server, the resource is cached, the resource caching comprises the resource is cached in the internet caching device to be provided for the terminal equipment accessing the resource, the internet caching device can be prevented from caching the malicious resource, and therefore the malicious resource can be prevented from being provided for other terminal users as the source server resource.
Fig. 3 is an exemplary signaling diagram of a resource buffering method according to an embodiment of the present invention. In particular implementations, the resource caching method 300 may be performed by, for example, but not limited to, an internet caching device. In this embodiment, the internet caching device may be, for example and without limitation, a transparent cache, and the resolution server may be, for example and without limitation, a DNS server. A resource server is one implementation of a Web server.
S301, the terminal device sends a TCP connection request to the resource server to the transparent cache, wherein the TCP connection request carries the IP address of the terminal device and the IP address of the resource server.
S302, the transparent cache uses the IP address of the terminal device to establish TCP connection to the resource server.
S303, the transparent cache receives an HTTP access request sent by the terminal equipment to the resource server.
S304, the transparent cache uses the IP address of the terminal device to send the HTTP access request to the resource server.
S305, the resource server returns the resource which the terminal equipment requests to access to the transparent cache.
S306, the transparent cache uses the IP address of the resource server to return the resource returned by the resource server to the terminal equipment.
S307, the transparent cache determines that the resource needs to be cached according to the statistics of the access heat of the resource.
S308, the transparent cache request resolution server carries out domain name resolution on the domain name in the URL of the resource in the access request. And the transparent cache sends a DNS resolution request to the DNS server, wherein the DNS resolution request carries the domain name in the URL of the resource and requests the DNS server to resolve the domain name in the URL.
S309, the DNS server carries out DNS analysis on the domain name in the URL of the resource to obtain an analysis result indicating the IP address of the server.
S310, the DNS server sends the analysis result to a transparent cache.
S311, the transparent cache checks the IP address of the server. And the transparent cache judges whether the IP address of the server is the IP address of the resource server, if so, the resource is cached locally, and otherwise, the resource is not cached.
According to the technical scheme provided by the embodiment of the invention, after the resource returned to the terminal equipment by the resource server is received, the resource is determined to meet the first caching condition, then the analysis request is sent to the analysis server, the domain name of the resource is carried in the analysis request, the identifier of the server obtained by analyzing according to the domain name of the resource by the analysis server is received, when the identifier of the server obtained by analyzing is the identifier of the resource server, the resource is cached, the resource caching comprises caching the resource in the internet caching device so as to be provided for the terminal equipment accessing the resource, the internet caching device can be prevented from caching the malicious resource, and therefore the malicious resource can be prevented from being provided for other terminal users as the source server resource.
Fig. 4 is an exemplary signaling diagram of a resource buffering method according to another embodiment of the present invention. In particular implementations, the resource caching method 400 may be performed by, for example, but not limited to, an internet caching device. In this embodiment, the internet caching device may be, for example and without limitation, a transparent cache, and the resolution server may be, for example and without limitation, a DNS server. A resource server is one implementation of a Web server.
S401, the terminal device sends a TCP connection request established to a first resource server to a transparent cache, wherein the TCP connection request carries the IP address of the terminal device and the IP address of the first resource server.
S402, the transparent cache uses the IP address of the terminal device to establish TCP connection to the first resource server.
S403, the transparent cache receives an HTTP access request sent by the terminal device to the first resource server.
S404, the transparent cache requests the resolution server to perform domain name resolution on the domain name in the URL of the resource in the access request for each received access request. And the transparent cache sends a DNS resolution request to a DNS server, wherein the DNS resolution request carries the domain name in the URL of the resource to be accessed by the HTTP access request, and requests the DNS server to resolve the domain name in the URL.
S405, the DNS server carries out DNS analysis on the domain name in the URL of the resource to obtain an analysis result indicating the IP address of the server.
S406, the DNS server sends the resolution result to the transparent cache.
S407, the transparent cache checks the IP address of the server. The transparent cache determines whether the IP address of the server indicated by the resolution result is the IP address of the first resource server, and executes S408 to S410 when the IP address of the server is the IP address of the first resource server; when the IP address of the server is the IP address of the second resource server, S411 to S413 are performed.
S408, the transparent cache uses the IP address of the terminal device to send the HTTP access request to the first resource server.
S409, the first resource server returns the resources requested to be accessed by the terminal equipment to the transparent cache.
S410, the transparent cache returns the resource returned by the first resource server to the terminal equipment by using the IP address of the first resource server.
S411, the transparent cache disconnects the TCP connection to the first resource server.
S412, the transparent cache establishes a TCP connection to the second resource server by using the IP address of the terminal equipment.
S413, the transparent cache transmits the HTTP access request to the second resource server using the IP address of the terminal device.
And then, the transparent cache returns the resource returned by the second resource server to the terminal equipment by using the IP address of the first resource server.
In an implementation manner of the embodiment of the present invention, after returning the resource to the terminal device, the transparent cache determines whether the resource needs to be cached, and if so, caches the resource locally; otherwise, not caching.
In another implementation manner of the embodiment of the present invention, before returning the resource to the terminal device, the transparent caching determines whether the resource needs to be cached, and if so, the resource is cached locally; otherwise, not caching.
According to the technical scheme provided by the embodiment of the invention, the analysis request is sent to the analysis server before the resource returned by the resource server is sent to the terminal equipment, the resolution request carries the domain name in the URL of the resource, receives the identifier of the server obtained by resolution according to the domain name in the URL of the resource returned by the resolution server, when the resolved identification of the server is the identification of the first resource server, caching the resource, when the analyzed identifier of the server is the identifier of the second resource server, the connection with the first resource server is disconnected, the connection with the second resource server is established, the resource returned by the second resource server is sent to the terminal equipment, the internet cache device can be prevented from caching malicious resources, thereby preventing it from providing malicious resources to other end users as source server resources.
It is to be noted that, although the technical solutions provided in the embodiments of fig. 2, fig. 3, and fig. 4 of the present invention can prevent the internet caching apparatus from caching malicious resources, so as to prevent the malicious resources from being provided to other terminal users as source server resources, when the resolution result is not the first resource server, the internet caching apparatus needs to re-establish a connection with the second resource server, and this process greatly increases the waiting time of the terminal device user. Moreover, in the technical solution provided in the embodiment of fig. 4, the internet caching device needs to request the resolution server to perform domain name resolution for each received resource access request, and performs server identifier verification, so that the processing burden and response delay of the resolution server are increased.
Compared with the technical solutions provided by the embodiments of fig. 2 and 3, the technical solutions provided by the embodiments of fig. 4 of the present invention reduce the times of domain name resolution performed by the resolution server and the times of server identifier verification, reduce the system overhead of the internet caching apparatus, and avoid the process of reestablishing a connection after the resolution result is not the target resource server, thereby avoiding the response delay introduced by the above process to the terminal device request.
In addition, for the embodiment of fig. 2, in an implementation manner of the embodiment of the present invention, in S202, after receiving the resource returned to the terminal device by the resource server, the internet caching device sends the resource to the terminal device, and then after determining that the resource satisfies the first caching condition, executes S204 to S208. The implementation mode can reduce the response time delay to the terminal equipment request to the maximum extent and reduce the waiting time of the terminal equipment user to the maximum extent.
For the embodiment of fig. 2, in another implementation manner of the embodiment of the present invention, the internet caching apparatus may send the resource to the terminal device after performing S202 to S208. Although the response delay to the terminal device request is increased in this implementation manner compared with the previous implementation manner, compared with the technical scheme provided in the embodiment of fig. 4, because only the domain name resolution is performed on the resource satisfying the first caching condition, and the process of reestablishing the connection after the resolution result is not the target resource server is also avoided, compared with the technical scheme provided in the embodiment of fig. 4, the number of times of performing the domain name resolution by the resolution server and the number of times of verifying the server identifier are also reduced, the system overhead of the internet caching device is reduced, and the response delay to the terminal device request is also reduced.
FIG. 5 is a hardware configuration diagram of a general computer architecture 500 according to an embodiment of the invention. As shown in FIG. 5, the general computer architecture 500 includes a processor 502, a memory 504, a communication interface 506, and a bus 508. The processor 502, the memory 504, and the communication interface 506 are communicatively coupled to each other via a bus 508.
The processor 502 may be a general-purpose Central Processing Unit (CPU), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and is configured to execute related programs to implement the technical solutions provided by the embodiments of the present invention.
The Memory 504 may be a Read Only Memory (ROM), a static Memory device, a dynamic Memory device, or a Random Access Memory (RAM). Memory 504 may store an operating system 5041 and other applications 5042. When the technical solution provided by the embodiment of the present invention is implemented by software or firmware, a program code for implementing the technical solution provided by the embodiment of the present invention is stored in the memory 504 and executed by the processor 502.
Bus 508 may include a path that transfers information between components, such as processor 502, memory 504, and input and communication interface 506.
As shown in fig. 6, when the data processing apparatus comprises the above-mentioned general computer architecture 500, the general computer architecture 500 further comprises a processing module 602 for resource caching, a sending module 604, a receiving module 606 and a caching module 608. These modules may be implemented using hardware, software, or software in combination with hardware. As software modules, stored in the memory 504 of the general purpose computer structure 500, may be provided together as a single program or separately as separate programs. These software modules may also be included as part of applications 5042, or as part of operating system 5041, respectively, or together, as an alternative embodiment.
The processing module 602 is configured to determine that the resource meets the first cache condition after the receiving module receives the resource returned by the resource server to the terminal device.
A sending module 604, configured to send an analysis request to an analysis server, where the analysis request carries a domain name in the URL of the resource.
A receiving module 606, configured to receive an identifier of the server obtained by the resolution server performing resolution according to the domain name in the URL of the resource.
A caching module 608, configured to cache the resource when the identifier of the server obtained through the parsing is the identifier of the resource server, where caching the resource includes caching the resource in the caching module to provide the resource for a terminal device accessing the resource.
Wherein the resource server is an implementation of a Web server.
In an implementation manner of the embodiment of the present invention, the receiving module 606 is further configured to receive, before the resource returned to the terminal device by the resource server is received, a connection request for establishing a connection with the resource server, where the connection request carries an identifier of the terminal device and an identifier of the resource server;
the processing module 602 is further configured to establish a connection between the terminal device and the resource server;
the receiving module 606 is further configured to receive an access request for the resource, which is sent by the terminal device, where the access request carries a domain name in a URL of the resource;
the sending module 604 is further configured to send the access request to the resource server according to the established connection between the terminal device and the resource server;
the receiving module 606 is further configured to receive the resource returned by the resource server.
In an implementation manner of the embodiment of the present invention, the caching module 608 is further configured to not cache the resource when the identifier of the server obtained through the analysis is not the identifier of the resource server.
In an implementation manner of the embodiment of the present invention, the processing module 602 is further configured to establish a connection between the terminal device and the resource server, including: the processing module 602 is further configured to establish a connection between the terminal device and the resource server through an identifier of the terminal device, where the identifier of the terminal device includes an internet protocol IP address of the terminal device.
In an implementation manner of the embodiment of the present invention, the sending module 604 is further configured to send the resource to the terminal device, where the sending module 604 sends the resource to the terminal device through an identifier of the resource server, and the identifier of the resource server includes an IP address of the resource server.
According to the technical scheme provided by the embodiment of the invention, after the resource returned to the terminal equipment by the resource server is received, the resource is determined to meet the first caching condition, the analysis request is sent to the analysis server, the domain name in the URL of the resource is carried in the analysis request, the identifier of the server obtained by the analysis server through analysis according to the domain name in the URL of the resource is received, when the identifier of the server obtained through analysis is the identifier of the resource server, the resource is cached, the resource caching comprises the step of caching the resource in the internet caching device so as to be provided for the terminal equipment accessing the resource, the internet caching device can be prevented from caching malicious resource, and therefore the malicious resource can be prevented from being provided for other terminal users as the source server resource.
It should be noted that although the general computer architecture 500 shown in fig. 5 only shows a processor 502, a memory 504, a communication interface 506 and a bus 508, in a specific implementation, it should be understood by those skilled in the art that the above-described resource caching apparatus also contains other components necessary for normal operation. Meanwhile, according to specific needs, it should be understood by those skilled in the art that the resource caching apparatus may further include a hardware device for implementing other additional functions. Furthermore, it should be understood by those skilled in the art that the above-mentioned resource caching apparatus may also only contain the components necessary to implement the embodiments of the present invention, and need not contain all of the components shown in fig. 5.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) or a processor (processor) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (25)
1. A resource caching method is characterized by comprising the following steps:
after receiving the resources returned to the terminal equipment by the resource server, the Internet cache device determines that the resources meet a first cache condition; the Internet cache device is deployed between the terminal equipment and the resource server and monitors a resource access request sent by the terminal equipment;
the Internet cache device sends an analysis request to an analysis server, wherein the analysis request carries a domain name in a Uniform Resource Locator (URL) of the resource;
the Internet cache device receives the server identification obtained by the resolution of the resolution server according to the domain name in the URL of the resource;
when the server identifier obtained by the analysis is the resource server identifier, the internet cache device caches the resource, and caching the resource comprises caching the resource in the internet cache device so as to provide the resource for the terminal equipment accessing the resource.
2. The method of claim 1, wherein prior to said receiving the resource returned by the resource server to the terminal device, the method further comprises:
the internet cache device receives a connection request which is sent by the terminal equipment and used for establishing connection with the resource server, wherein the connection request carries the identification of the terminal equipment and the identification of the resource server;
the internet cache device establishes connection between the terminal equipment and the resource server;
the internet cache device receives an access request for the resource sent by the terminal equipment, wherein the access request carries a domain name in a URL (uniform resource locator) of the resource;
the Internet cache device sends the access request to the resource server according to the established connection between the terminal equipment and the resource server;
and the Internet cache device receives the resources returned by the resource server.
3. The method of claim 2, wherein the connection request comprises a Transmission Control Protocol (TCP) connection request, the access request to the resource comprises a hypertext transfer protocol (HTTP) request, and the resolution server comprises a Domain Name System (DNS) server.
4. The method of claim 2,
the internet cache device establishing the connection between the terminal equipment and the resource server comprises: the internet cache device establishes the connection between the terminal equipment and the resource server through the identification of the terminal equipment, wherein the identification of the terminal equipment comprises the internet protocol IP address of the terminal equipment.
5. The method of claim 3,
the internet cache device establishing the connection between the terminal equipment and the resource server comprises: the internet cache device establishes the connection between the terminal equipment and the resource server through the identification of the terminal equipment, wherein the identification of the terminal equipment comprises the internet protocol IP address of the terminal equipment.
6. The method according to any one of claims 1 to 5, wherein the internet caching device does not cache the resource when the resolved identity of the server is not the identity of the resource server.
7. The method according to any of claims 1 to 5, wherein the internet caching device further sends the resource to the terminal device, the internet caching device sending the resource to the terminal device via an identification of the resource server, the identification of the resource server comprising an IP address of the resource server.
8. The method of claim 6, wherein the internet caching device further sends the resource to the terminal device, the internet caching device sending the resource to the terminal device via an identification of the resource server, the identification of the resource server comprising an IP address of the resource server.
9. The method of any of claims 1 to 5, wherein the determining that the resource satisfies a first caching condition comprises determining that the resource satisfies a resource access heat statistic condition, the resource access heat statistic comprising a statistic of how often the same resource is accessed over a period of time.
10. The method of claim 6, wherein the determining that the resource satisfies the first caching condition comprises determining that the resource satisfies a resource access heat statistic, the resource access heat statistic comprising a statistic of how often the same resource is accessed over a period of time.
11. The method of claim 7, wherein the determining that the resource satisfies the first caching condition comprises determining that the resource satisfies a resource access heat statistic, the resource access heat statistic comprising a statistic of how often the same resource is accessed over a period of time.
12. The method of claim 8, wherein the determining that the resource satisfies the first caching condition comprises determining that the resource satisfies a resource access heat statistic, the resource access heat statistic comprising a statistic of how often the same resource is accessed over a period of time.
13. The resource caching device is characterized by comprising a processing module, a sending module, a receiving module and a caching module:
the processing module is used for determining that the resource meets a first cache condition after the receiving module receives the resource returned to the terminal equipment by the resource server;
the sending module is used for sending an analysis request to an analysis server, wherein the analysis request carries a domain name in a Uniform Resource Locator (URL) of the resource;
the receiving module is used for receiving the identifier of the server obtained by analyzing the domain name in the URL of the resource by the analyzing server;
the cache module is configured to cache the resource when the identifier of the server obtained through the analysis is the identifier of the resource server, where caching the resource includes caching the resource in the cache module to provide the resource to a terminal device accessing the resource;
the resource caching device is deployed between the terminal equipment and the resource server and monitors a resource access request sent by the terminal equipment.
14. The apparatus of claim 13, wherein the receiving module is further configured to receive a connection request for establishing a connection with the resource server sent by the terminal device before the resource returned by the resource server to the terminal device is received, where the connection request carries an identifier of the terminal device and an identifier of the resource server;
the processing module is also used for establishing the connection between the terminal equipment and the resource server;
the receiving module is further configured to receive an access request for the resource sent by the terminal device, where the access request carries a domain name in a URL of the resource;
the sending module is further configured to send the access request to the resource server according to the established connection between the terminal device and the resource server;
the receiving module is further configured to receive the resource returned by the resource server.
15. The apparatus of claim 14, wherein the connection request comprises a Transmission Control Protocol (TCP) connection request, the access request to the resource comprises a hypertext transfer protocol (HTTP) request, and the resolution server comprises a Domain Name System (DNS) server.
16. The apparatus of claim 14,
the processing module is further configured to establish a connection between the terminal device and the resource server, including: the processing module is further configured to establish a connection between the terminal device and the resource server through an identifier of the terminal device, where the identifier of the terminal device includes an internet protocol IP address of the terminal device.
17. The apparatus of claim 15,
the processing module is further configured to establish a connection between the terminal device and the resource server, including: the processing module is further configured to establish a connection between the terminal device and the resource server through an identifier of the terminal device, where the identifier of the terminal device includes an internet protocol IP address of the terminal device.
18. The apparatus of any of claims 13 to 17, wherein the caching module is further configured to not cache the resource when the resolved identity of the server is not the identity of the resource server.
19. The apparatus of any one of claims 13 to 17, wherein the sending module is further configured to send the resource to the terminal device, and the sending module sends the resource to the terminal device through an identifier of the resource server, where the identifier of the resource server includes an IP address of the resource server.
20. The apparatus of claim 18, wherein the sending module is further configured to send the resource to the terminal device, and wherein the sending module sends the resource to the terminal device via an identification of the resource server, the identification of the resource server including an IP address of the resource server.
21. The apparatus of any of claims 13 to 17, wherein the determination that the resource satisfies the first caching condition comprises a determination that the resource satisfies a resource access heat statistic condition, the resource access heat statistic comprising a statistic of how often the same resource is accessed over a period of time.
22. The apparatus of claim 18, wherein the determination that the resource satisfies the first caching condition comprises a determination that the resource satisfies a resource access heat statistic, the resource access heat statistic comprising a statistic of how often the same resource is accessed over a period of time.
23. The apparatus of claim 19, wherein the determination that the resource satisfies the first caching condition comprises a determination that the resource satisfies a resource access heat statistic, the resource access heat statistic comprising a statistic of how often the same resource is accessed over a period of time.
24. The apparatus of claim 20, wherein the determination that the resource satisfies the first caching condition comprises a determination that the resource satisfies a resource access heat statistic, the resource access heat statistic comprising a statistic of how often the same resource is accessed over a period of time.
25. A computer-readable storage medium, characterized in that,
the computer-readable storage medium stores a computer program that is executable by hardware to implement the method of any one of claims 1 to 12.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510464724.6A CN106411978B (en) | 2015-07-31 | 2015-07-31 | Resource caching method and device |
| PCT/CN2016/077876 WO2017020597A1 (en) | 2015-07-31 | 2016-03-30 | Resource cache method and apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510464724.6A CN106411978B (en) | 2015-07-31 | 2015-07-31 | Resource caching method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106411978A CN106411978A (en) | 2017-02-15 |
| CN106411978B true CN106411978B (en) | 2020-01-21 |
Family
ID=57942383
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510464724.6A Active CN106411978B (en) | 2015-07-31 | 2015-07-31 | Resource caching method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN106411978B (en) |
| WO (1) | WO2017020597A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109586937B (en) * | 2017-09-28 | 2022-03-15 | 中兴通讯股份有限公司 | Operation and maintenance method, equipment and storage medium of cache system |
| CN110572486A (en) * | 2019-08-13 | 2019-12-13 | 河北上通云天网络科技有限公司 | domain name resolution system based on MAC address |
| CN114422522B (en) * | 2020-10-13 | 2024-02-13 | 贵州白山云科技股份有限公司 | Cache distribution method, device, medium and equipment |
| CN116634017B (en) * | 2023-05-15 | 2024-02-06 | 北京大学 | Identification analysis data caching method and device based on digital object |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101668046A (en) * | 2009-10-13 | 2010-03-10 | 成都市华为赛门铁克科技有限公司 | Resource caching method, resource obtaining method, device and system thereof |
| CN102843437A (en) * | 2012-09-17 | 2012-12-26 | 北京星网锐捷网络技术有限公司 | Conversion method and device for webpage application and network device |
| CN103412827A (en) * | 2013-08-05 | 2013-11-27 | 广州唯品会信息科技有限公司 | Picture caching method and picture caching system |
| CN103825919A (en) * | 2012-11-16 | 2014-05-28 | 中国移动通信集团北京有限公司 | Method, device and system for data resource caching |
| CN104079534A (en) * | 2013-03-27 | 2014-10-01 | 中国移动通信集团北京有限公司 | Method and system of implementing HTTP (Hyper Text Transport Protocol) cache |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102170479B (en) * | 2011-05-21 | 2013-12-18 | 华为数字技术(成都)有限公司 | Updating method of Web buffer and updating device of Web buffer |
| KR20130064906A (en) * | 2011-12-09 | 2013-06-19 | 삼성전자주식회사 | Method and apparatus for load balancing in communication system |
-
2015
- 2015-07-31 CN CN201510464724.6A patent/CN106411978B/en active Active
-
2016
- 2016-03-30 WO PCT/CN2016/077876 patent/WO2017020597A1/en active Application Filing
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101668046A (en) * | 2009-10-13 | 2010-03-10 | 成都市华为赛门铁克科技有限公司 | Resource caching method, resource obtaining method, device and system thereof |
| CN101668046B (en) * | 2009-10-13 | 2012-12-19 | 成都市华为赛门铁克科技有限公司 | Resource caching method, device and system thereof |
| CN102843437A (en) * | 2012-09-17 | 2012-12-26 | 北京星网锐捷网络技术有限公司 | Conversion method and device for webpage application and network device |
| CN103825919A (en) * | 2012-11-16 | 2014-05-28 | 中国移动通信集团北京有限公司 | Method, device and system for data resource caching |
| CN104079534A (en) * | 2013-03-27 | 2014-10-01 | 中国移动通信集团北京有限公司 | Method and system of implementing HTTP (Hyper Text Transport Protocol) cache |
| CN103412827A (en) * | 2013-08-05 | 2013-11-27 | 广州唯品会信息科技有限公司 | Picture caching method and picture caching system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106411978A (en) | 2017-02-15 |
| WO2017020597A1 (en) | 2017-02-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109067914B (en) | web service proxy method, device, equipment and storage medium | |
| CN110049022B (en) | Domain name access control method and device and computer readable storage medium | |
| US10897450B2 (en) | Communication method and communication apparatus | |
| CN105930528B (en) | Webpage caching method and server | |
| CN107341160B (en) | Crawler intercepting method and device | |
| CN111314499B (en) | Domain name proxy method, device, equipment and readable storage medium | |
| US9578040B2 (en) | Packet receiving method, deep packet inspection device and system | |
| CN106101231B (en) | Method and device for realizing resource downloading through CDN (content delivery network), server and client | |
| CN106534243B (en) | Caching, requesting and responding method based on HTTP protocol and corresponding device | |
| US9753794B2 (en) | Method and apparatus for controlling sending of heartbeat signal | |
| EP2830280A1 (en) | Web caching with security as a service | |
| EP3422672B1 (en) | Routing method and device | |
| WO2017080459A1 (en) | Method, device and system for caching and providing service contents and storage medium | |
| CN106411978B (en) | Resource caching method and device | |
| CN105635073B (en) | Access control method and device and network access equipment | |
| TW201545520A (en) | Method and system for acquiring web pages | |
| WO2013013556A1 (en) | Data reporting method and device | |
| CN110392069B (en) | CDN service scheduling processing method and CDN server | |
| CN112003945A (en) | Service request response method and device | |
| CN107786502B (en) | Authentication proxy method, device and equipment | |
| CN106899689B (en) | Information pre-issuing method and server | |
| EP2963880B1 (en) | Data sending and processing method and router | |
| CN116996578B (en) | Resource processing method and device based on content distribution network | |
| EP2640035B1 (en) | Hypertext transfer protocol (http) stream association method and device | |
| US11122106B2 (en) | Method and apparatus for providing web service using edge computing service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |