CN106789988A - A kind of network inquiry platform - Google Patents
A kind of network inquiry platform Download PDFInfo
- Publication number
- CN106789988A CN106789988A CN201611124827.9A CN201611124827A CN106789988A CN 106789988 A CN106789988 A CN 106789988A CN 201611124827 A CN201611124827 A CN 201611124827A CN 106789988 A CN106789988 A CN 106789988A
- Authority
- CN
- China
- Prior art keywords
- layer
- module
- data
- platform
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/28—Databases characterised by their database models, e.g. relational or object models
- G06F16/284—Relational databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/951—Indexing; Web crawling techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/953—Querying, e.g. by the use of web search engines
- G06F16/9537—Spatial or temporal dependent retrieval, e.g. spatiotemporal queries
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Computational Linguistics (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a kind of network platform, more particularly to a kind of network inquiry platform, including:Access Layer, application layer, operation layer, data Layer and resource layer;Application layer is connected with Access Layer and operation layer respectively, and operation layer is connected with data Layer;Access Layer includes the network insertion node and the security protection system that are connected with each other;Application layer is used to send to process to operation layer to ask, and including:User log-in block, integrated information module inquires about service module, online friend's interactive module, map retrieval module;Operation layer accesses data Layer, and return to output to application layer according to the request from application layer;Data Layer includes Data access module;Data access module is used to perform resource layer the operation that additions and deletions change inquiry;Resource layer includes Database Systems.The beneficial effects of the invention are as follows:Complete Security mechanism is employed, the security protection system of complete set has been constructed, the safety and reliability of searching platform is effectively guaranteed.
Description
Technical field
The present invention relates to a kind of network platform, more particularly to a kind of network inquiry platform.
Background technology
Nowadays, as the application of information network technique becomes increasingly popular, website promotion already turn into now society most it is rapid most
The effective way of promotion.People's livelihood searching platform as the information interchange between government and the public tie, it is government's machine
Pass realize government affairs information disclose, service enterprise and the public, interaction, and understand the important channel of the will of the people, be also to obtain
The important channel that the public obtains government services information is taken, the mutual understanding between government and the public is may advantageously facilitate, therefore have
Important meaning.
But on the other hand, the network security problem that website is faced also is becoming to become increasingly complex.For example, passing through webpage
Extension horse makes user suffer a loss.For another example, by modes such as DDOS to the attack in line service, or distorting to web page contents
Deng invariably to the normal using causing heavy damage of website.And for the government website as people's livelihood query web,
This problem then seems even more serious, because this will have influence on government authority and government image.In fact, in recent years, for
The cyber-attack of government website is also really of common occurrence.
Therefore, the people's livelihood inquiry network platform is required to effectively take precautions against unknown network risks, for the public provides
Safe and reliable information service.
The content of the invention
The invention provides a kind of network inquiry platform, it is therefore intended that solve the above problems.
Concrete technical scheme is as follows:
A kind of network inquiry platform, the network inquiry platform is based on browser/server framework, wherein, the network
The server end of searching platform includes:Access Layer, application layer, operation layer, data Layer and resource layer;
The application layer is connected with Access Layer and operation layer respectively, and the operation layer is connected with the data Layer;
The Access Layer includes the network insertion node and the security protection system that are connected with each other;
The application layer is used to send to process to the operation layer to ask, and including:User log-in block, integrated information
Module, inquires about service module, online friend's interactive module, map retrieval module;The user log-in block is used to receive testing for user
Card information input, and return to login confirmation;The integrated information module issues people's livelihood POLICY by the form of picture and text
Information;Online friend's interactive module is used to for the enquirement of registered user to be published to default page location;The map retrieval formula mould
Block is used to receive the map retrieval input of user, and place is shown in the form of electronic three-dimensional map;
The operation layer accesses the data Layer, and returns to output and answered to described according to the request from the application layer
With layer;
The data Layer includes Data access module;The Data access module is used to change resource layer execution additions and deletions
The operation of inquiry;
The resource layer includes Database Systems.
Preferably, the security protection system includes fire wall and web application guard systems;
The fire wall is connected with the network insertion node and the web applications guard system respectively, the web applications
Guard system is connected by LAN switch with the operation layer.
Preferably, the web applications guard system is at least provided with two, and redundancy is set to enable the web applications of state
The web application guard systems of guard system and stand-by state;
When the web applications guard system for enabling state breaks down, the web application guard systems of the stand-by state
Enter through consultation and enable state.
Preferably, bypass is provided with intruding detection system on the LAN switch.
Preferably, the data Layer also includes data backup module;The data backup module is used for timing to the number
Data backup is done according to the data in the system of storehouse.
Preferably, the application layer also includes hot information module;The hot information module is according to clicking rate and/or comments
Enquirement by bar number to the news information or the registered user carries out attention rate statistics and sequence, and aobvious with attention rate sequence
Show that the news information and the registered user put question to.
Preferably, the application layer also includes vulnerability scanning module;The vulnerability scanning module is used for the application layer
Carry out vulnerability scanning detection, and the leak that bulletin is detected.
The beneficial effects of the invention are as follows:
A kind of network inquiry platform of the invention, the pattern based on browser/server services body using multiechelon system
Architecture is realized, and is cooperated by interface between each composition, the function of common completion system, it is ensured that system expands
Exhibition, upgradability;Meanwhile, present invention employs complete Security mechanism, realized to attack by vulnerability scanning module
Take precautions against, prevent to attack immediately by fire wall and web applications guard system, realized to network data by intruding detection system
Monitoring, service data can be returned to the state of Backup Data by data backup module, enhance the redundancy ability of platform,
So as to construct the security protection system of complete set, the safety and reliability of searching platform is effectively guaranteed.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, without having to pay creative labor, may be used also
Other accompanying drawings are obtained with according to these accompanying drawings.
Fig. 1 is a kind of structural representation of the embodiment of network inquiry platform of the invention;
Fig. 2 is a kind of structural representation of the Access Layer of the embodiment of network inquiry platform of the invention.
Specific embodiment
The invention will be further described with specific embodiment below in conjunction with the accompanying drawings, but not as limiting to the invention.
A kind of network inquiry platform is disclosed in one embodiment of the present of invention, the network inquiry platform be based on browser/
Server architecture.As shown in figure 1, wherein, the server end of network inquiry platform includes:Access Layer, application layer, operation layer, number
According to layer and resource layer;Application layer is connected with Access Layer and operation layer respectively, and operation layer is connected with data Layer;Access Layer includes
The network insertion node and security protection system of interconnection;Application layer is used to send treatment request to operation layer, and wraps
Include:User log-in block, integrated information module inquires about service module, online friend's interactive module, map retrieval module;User logs in
Module is used to receive the checking information input of user, and returns to login confirmation;The form that integrated information module passes through picture and text
Issue people's livelihood POLICY information;Online friend's interactive module is used to for the enquirement of registered user to be published to default page location;Map
Retrieval type module is used to receive the map retrieval input of user, and place is shown in the form of electronic three-dimensional map;Operation layer root
According to the request from application layer, data Layer is accessed, and return to output to application layer;Data Layer includes Data access module;Data
Access modules are used to perform resource layer the operation that additions and deletions change inquiry;Resource layer includes Database Systems.It is embodied in one kind
In mode, above-mentioned Database Systems can be orcal databases, or SQLserver databases.
On the basis of above-mentioned technical proposal, security protection system includes fire wall and web application guard systems;Fire wall
It is connected with network insertion node and web application guard systems respectively, web applications guard system passes through LAN switch and business
Layer connection.In another specific embodiment, above-mentioned fire wall can be connected directly with LAN switch, and web should
Then it is connected on LAN switch in the way of bypassing and monitoring with guard system.
On the basis of above-mentioned technical proposal, as shown in Fig. 2 web applications guard system is at least provided with two, and redundancy sets
It is set to the web applications guard system of the state of enabling and the web application guard systems of stand-by state;When the web of the state that enables is applied
Guard system breaks down, and entrance enables state to the web applications guard system of stand-by state through consultation.
On the basis of above-mentioned technical proposal, bypass is provided with intruding detection system on LAN switch.Above-mentioned invasion
Detecting system obtains the generation event in network by detecting all links for being connected to server from whole computing environment,
And generation event is analyzed, obtain analysis result.For example, the security strategy run counter to for special object of predefined
Event, and detect whether the generation event in network corresponds to therewith.Based on resulting analysis result, corresponding reaction is made,
Connection is such as cut off, is changed file attributes, or send alarm etc., and record the attack to system.The fire wall of platform
Mandate filtering effectively can be carried out to outside access user, but the destruction of authority user high cannot be prevented.And enter
Invading detecting system can carry out effectively protecting and monitoring for the special object of plateform system, meanwhile, examined by above-mentioned invasion
Examining system, can effectively prevent the security threat from platform Intranet, therefore form effective complementation with fire wall.
On the basis of above-mentioned technical proposal, data Layer also includes data backup module;Data backup module is used for timing
Data backup is done to the data in Database Systems.
On the basis of above-mentioned technical proposal, application layer also includes hot information module;Hot information module is according to click
The enquirement of rate and/or comment bar number to news information or registered user carries out attention rate statistics and sequence, and is sorted with attention rate
Display news information and registered user put question to.
On the basis of above-mentioned technical proposal, application layer also includes vulnerability scanning module;Vulnerability scanning module is used for correspondence
Vulnerability scanning detection, and the leak that bulletin is detected are carried out with layer.Specifically, above-mentioned vulnerability scanning module, can be base
The attack to system is simulated in test script, is then analyzed, so as to detect system safety leakage that may be present
Hole.
By a kind of network inquiry platform of the pattern based on browser/server of the invention, using multiechelon system
Service system structure is realized, and is cooperated by interface between each composition, the function of common completion system, it is ensured that system
Expansible, upgradability;Meanwhile, present invention employs complete Security mechanism, realize attacking against each other by vulnerability scanning module
The strick precaution hit, prevents to attack immediately by fire wall and web applications guard system, is realized to network number by intruding detection system
According to monitoring, service data can be returned to the state of Backup Data by data backup module, enhance the disaster tolerance of platform
Ability, so as to construct the security protection system of complete set, is effectively guaranteed the safety and reliability of searching platform.
Preferred embodiments of the present invention are the foregoing is only, embodiments of the present invention and protection model is not thereby limited
Enclose, to those skilled in the art, should can appreciate that done by all utilization description of the invention and diagramatic content
Scheme obtained by equivalent and obvious change, should be included in protection scope of the present invention.
Claims (7)
1. a kind of network inquiry platform, the network inquiry platform is based on browser/server framework, it is characterised in that described
The server end of network inquiry platform includes:Access Layer, application layer, operation layer, data Layer and resource layer;The application layer point
It is not connected with Access Layer and operation layer, the operation layer is connected with the data Layer;The Access Layer includes what is be connected with each other
Network insertion node and security protection system;The application layer is used to send to process to the operation layer to ask, and including:With
Family login module, integrated information module inquires about service module, online friend's interactive module, map retrieval module;The User logs in mould
Block is used to receive the checking information input of user, and returns to login confirmation;The shape that the integrated information module passes through picture and text
Formula issues people's livelihood POLICY information;Online friend's interactive module is used to for the enquirement of registered user to be published to default page position
Put;The map retrieval formula module is looked into for receiving the map retrieval input of user, and being shown in the form of electronic three-dimensional map
Ask place;The operation layer accesses the data Layer, and return to output to the application according to the request from the application layer
Layer;The data Layer includes Data access module;The Data access module is used to change inquiry to resource layer execution additions and deletions
Operation;The resource layer includes Database Systems.
2. network inquiry platform as claimed in claim 1, it is characterised in that the security protection system include fire wall and
Web application guard systems;The fire wall is connected with the network insertion node and the web applications guard system respectively, institute
Web applications guard system is stated to be connected with the operation layer by LAN switch.
3. network inquiry platform as claimed in claim 2, it is characterised in that the web applications guard system is at least provided with two
Platform, and redundancy is set to enable the web applications guard system of state and the web application guard systems of stand-by state;Opened when described
Broken down with the web applications guard system of state, entrance is enabled the web applications guard system of the stand-by state through consultation
State.
4. network inquiry platform as claimed in claim 2, it is characterised in that bypass is provided with invasion on the LAN switch
Detecting system.
5. network inquiry platform as claimed in claim 1, it is characterised in that the data Layer also includes data backup module;
The data backup module is used for timing and does data backup to the data in the Database Systems.
6. network inquiry platform as claimed in claim 1, it is characterised in that the application layer also includes hot information module;
Enquirement of the hot information module according to clicking rate and/or comment bar number to the news information or the registered user is carried out
Attention rate is counted and sorted, and is putd question to news information described in attention rate sequencing display and the registered user.
7. network inquiry platform as claimed in claim 1, it is characterised in that the application layer also includes vulnerability scanning module;
The vulnerability scanning module is used to carry out the application layer vulnerability scanning detection, and the leak that bulletin is detected.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611124827.9A CN106789988A (en) | 2016-12-08 | 2016-12-08 | A kind of network inquiry platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611124827.9A CN106789988A (en) | 2016-12-08 | 2016-12-08 | A kind of network inquiry platform |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106789988A true CN106789988A (en) | 2017-05-31 |
Family
ID=58881857
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611124827.9A Pending CN106789988A (en) | 2016-12-08 | 2016-12-08 | A kind of network inquiry platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106789988A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107733939A (en) * | 2017-12-12 | 2018-02-23 | 柳州市北龟农业科技孵化器有限公司 | A kind of network consultation service platform |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101257450A (en) * | 2008-03-28 | 2008-09-03 | 华为技术有限公司 | Network safety protection method, gateway equipment, client terminal as well as network system |
CN104010021A (en) * | 2013-12-12 | 2014-08-27 | 宁波公众信息产业有限公司 | Network consultation platform |
-
2016
- 2016-12-08 CN CN201611124827.9A patent/CN106789988A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101257450A (en) * | 2008-03-28 | 2008-09-03 | 华为技术有限公司 | Network safety protection method, gateway equipment, client terminal as well as network system |
CN104010021A (en) * | 2013-12-12 | 2014-08-27 | 宁波公众信息产业有限公司 | Network consultation platform |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107733939A (en) * | 2017-12-12 | 2018-02-23 | 柳州市北龟农业科技孵化器有限公司 | A kind of network consultation service platform |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106033514B (en) | A kind of detection method and device of suspicious process | |
KR101689295B1 (en) | Automated verification method of security event and automated verification apparatus of security event | |
CN102045319B (en) | Method and device for detecting SQL (Structured Query Language) injection attack | |
CN113660224B (en) | Situation awareness defense method, device and system based on network vulnerability scanning | |
CN104283889A (en) | Electric power system interior APT attack detection and pre-warning system based on network architecture | |
CN104767757A (en) | Multiple-dimension security monitoring method and system based on WEB services | |
CN101370008A (en) | System for real-time intrusion detection of SQL injection WEB attacks | |
KR100912794B1 (en) | Web hacking management system and manegement method thereof for real time web server hacking analysis and homepage hacking search | |
CN103428196A (en) | URL white list-based WEB application intrusion detecting method and apparatus | |
János et al. | Security concerns towards security operations centers | |
CN101345751A (en) | Identifying an application user as a source of database activity | |
US20200336498A1 (en) | Method and apparatus for detecting hidden link in website | |
Dharam et al. | Runtime monitors for tautology based SQL injection attacks | |
Roschke et al. | Using vulnerability information and attack graphs for intrusion detection | |
Ben Jaballah et al. | A grey-box approach for detecting malicious user interactions in web applications | |
CN104010021A (en) | Network consultation platform | |
CN109657462A (en) | Data detection method, system, electronic equipment and storage medium | |
CN115361182B (en) | Botnet behavior analysis method, device, electronic equipment and medium | |
CN107358098A (en) | SQL SQL injection detection method and device based on plug-in unit | |
CN116662987A (en) | Service system monitoring method, device, computer equipment and storage medium | |
CN106789988A (en) | A kind of network inquiry platform | |
Gadgikar | Preventing SQL injection attacks using negative tainting approach | |
Bo et al. | Tom: A threat operating model for early warning of cyber security threats | |
Shahid et al. | A Study of XXE Attacks Prevention Using XML Parser Configuration | |
CN107341396A (en) | Intrusion detection method, device and server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170531 |