CN106789988A - A kind of network inquiry platform - Google Patents

A kind of network inquiry platform Download PDF

Info

Publication number
CN106789988A
CN106789988A CN201611124827.9A CN201611124827A CN106789988A CN 106789988 A CN106789988 A CN 106789988A CN 201611124827 A CN201611124827 A CN 201611124827A CN 106789988 A CN106789988 A CN 106789988A
Authority
CN
China
Prior art keywords
layer
module
data
platform
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611124827.9A
Other languages
Chinese (zh)
Inventor
柴汝松
孙伟
谢永华
杨晓龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201611124827.9A priority Critical patent/CN106789988A/en
Publication of CN106789988A publication Critical patent/CN106789988A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/28Databases characterised by their database models, e.g. relational or object models
    • G06F16/284Relational databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/951Indexing; Web crawling techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • G06F16/9537Spatial or temporal dependent retrieval, e.g. spatiotemporal queries
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computational Linguistics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a kind of network platform, more particularly to a kind of network inquiry platform, including:Access Layer, application layer, operation layer, data Layer and resource layer;Application layer is connected with Access Layer and operation layer respectively, and operation layer is connected with data Layer;Access Layer includes the network insertion node and the security protection system that are connected with each other;Application layer is used to send to process to operation layer to ask, and including:User log-in block, integrated information module inquires about service module, online friend's interactive module, map retrieval module;Operation layer accesses data Layer, and return to output to application layer according to the request from application layer;Data Layer includes Data access module;Data access module is used to perform resource layer the operation that additions and deletions change inquiry;Resource layer includes Database Systems.The beneficial effects of the invention are as follows:Complete Security mechanism is employed, the security protection system of complete set has been constructed, the safety and reliability of searching platform is effectively guaranteed.

Description

A kind of network inquiry platform
Technical field
The present invention relates to a kind of network platform, more particularly to a kind of network inquiry platform.
Background technology
Nowadays, as the application of information network technique becomes increasingly popular, website promotion already turn into now society most it is rapid most The effective way of promotion.People's livelihood searching platform as the information interchange between government and the public tie, it is government's machine Pass realize government affairs information disclose, service enterprise and the public, interaction, and understand the important channel of the will of the people, be also to obtain The important channel that the public obtains government services information is taken, the mutual understanding between government and the public is may advantageously facilitate, therefore have Important meaning.
But on the other hand, the network security problem that website is faced also is becoming to become increasingly complex.For example, passing through webpage Extension horse makes user suffer a loss.For another example, by modes such as DDOS to the attack in line service, or distorting to web page contents Deng invariably to the normal using causing heavy damage of website.And for the government website as people's livelihood query web, This problem then seems even more serious, because this will have influence on government authority and government image.In fact, in recent years, for The cyber-attack of government website is also really of common occurrence.
Therefore, the people's livelihood inquiry network platform is required to effectively take precautions against unknown network risks, for the public provides Safe and reliable information service.
The content of the invention
The invention provides a kind of network inquiry platform, it is therefore intended that solve the above problems.
Concrete technical scheme is as follows:
A kind of network inquiry platform, the network inquiry platform is based on browser/server framework, wherein, the network The server end of searching platform includes:Access Layer, application layer, operation layer, data Layer and resource layer;
The application layer is connected with Access Layer and operation layer respectively, and the operation layer is connected with the data Layer;
The Access Layer includes the network insertion node and the security protection system that are connected with each other;
The application layer is used to send to process to the operation layer to ask, and including:User log-in block, integrated information Module, inquires about service module, online friend's interactive module, map retrieval module;The user log-in block is used to receive testing for user Card information input, and return to login confirmation;The integrated information module issues people's livelihood POLICY by the form of picture and text Information;Online friend's interactive module is used to for the enquirement of registered user to be published to default page location;The map retrieval formula mould Block is used to receive the map retrieval input of user, and place is shown in the form of electronic three-dimensional map;
The operation layer accesses the data Layer, and returns to output and answered to described according to the request from the application layer With layer;
The data Layer includes Data access module;The Data access module is used to change resource layer execution additions and deletions The operation of inquiry;
The resource layer includes Database Systems.
Preferably, the security protection system includes fire wall and web application guard systems;
The fire wall is connected with the network insertion node and the web applications guard system respectively, the web applications Guard system is connected by LAN switch with the operation layer.
Preferably, the web applications guard system is at least provided with two, and redundancy is set to enable the web applications of state The web application guard systems of guard system and stand-by state;
When the web applications guard system for enabling state breaks down, the web application guard systems of the stand-by state Enter through consultation and enable state.
Preferably, bypass is provided with intruding detection system on the LAN switch.
Preferably, the data Layer also includes data backup module;The data backup module is used for timing to the number Data backup is done according to the data in the system of storehouse.
Preferably, the application layer also includes hot information module;The hot information module is according to clicking rate and/or comments Enquirement by bar number to the news information or the registered user carries out attention rate statistics and sequence, and aobvious with attention rate sequence Show that the news information and the registered user put question to.
Preferably, the application layer also includes vulnerability scanning module;The vulnerability scanning module is used for the application layer Carry out vulnerability scanning detection, and the leak that bulletin is detected.
The beneficial effects of the invention are as follows:
A kind of network inquiry platform of the invention, the pattern based on browser/server services body using multiechelon system Architecture is realized, and is cooperated by interface between each composition, the function of common completion system, it is ensured that system expands Exhibition, upgradability;Meanwhile, present invention employs complete Security mechanism, realized to attack by vulnerability scanning module Take precautions against, prevent to attack immediately by fire wall and web applications guard system, realized to network data by intruding detection system Monitoring, service data can be returned to the state of Backup Data by data backup module, enhance the redundancy ability of platform, So as to construct the security protection system of complete set, the safety and reliability of searching platform is effectively guaranteed.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are only this Some embodiments of invention, for those of ordinary skill in the art, without having to pay creative labor, may be used also Other accompanying drawings are obtained with according to these accompanying drawings.
Fig. 1 is a kind of structural representation of the embodiment of network inquiry platform of the invention;
Fig. 2 is a kind of structural representation of the Access Layer of the embodiment of network inquiry platform of the invention.
Specific embodiment
The invention will be further described with specific embodiment below in conjunction with the accompanying drawings, but not as limiting to the invention.
A kind of network inquiry platform is disclosed in one embodiment of the present of invention, the network inquiry platform be based on browser/ Server architecture.As shown in figure 1, wherein, the server end of network inquiry platform includes:Access Layer, application layer, operation layer, number According to layer and resource layer;Application layer is connected with Access Layer and operation layer respectively, and operation layer is connected with data Layer;Access Layer includes The network insertion node and security protection system of interconnection;Application layer is used to send treatment request to operation layer, and wraps Include:User log-in block, integrated information module inquires about service module, online friend's interactive module, map retrieval module;User logs in Module is used to receive the checking information input of user, and returns to login confirmation;The form that integrated information module passes through picture and text Issue people's livelihood POLICY information;Online friend's interactive module is used to for the enquirement of registered user to be published to default page location;Map Retrieval type module is used to receive the map retrieval input of user, and place is shown in the form of electronic three-dimensional map;Operation layer root According to the request from application layer, data Layer is accessed, and return to output to application layer;Data Layer includes Data access module;Data Access modules are used to perform resource layer the operation that additions and deletions change inquiry;Resource layer includes Database Systems.It is embodied in one kind In mode, above-mentioned Database Systems can be orcal databases, or SQLserver databases.
On the basis of above-mentioned technical proposal, security protection system includes fire wall and web application guard systems;Fire wall It is connected with network insertion node and web application guard systems respectively, web applications guard system passes through LAN switch and business Layer connection.In another specific embodiment, above-mentioned fire wall can be connected directly with LAN switch, and web should Then it is connected on LAN switch in the way of bypassing and monitoring with guard system.
On the basis of above-mentioned technical proposal, as shown in Fig. 2 web applications guard system is at least provided with two, and redundancy sets It is set to the web applications guard system of the state of enabling and the web application guard systems of stand-by state;When the web of the state that enables is applied Guard system breaks down, and entrance enables state to the web applications guard system of stand-by state through consultation.
On the basis of above-mentioned technical proposal, bypass is provided with intruding detection system on LAN switch.Above-mentioned invasion Detecting system obtains the generation event in network by detecting all links for being connected to server from whole computing environment, And generation event is analyzed, obtain analysis result.For example, the security strategy run counter to for special object of predefined Event, and detect whether the generation event in network corresponds to therewith.Based on resulting analysis result, corresponding reaction is made, Connection is such as cut off, is changed file attributes, or send alarm etc., and record the attack to system.The fire wall of platform Mandate filtering effectively can be carried out to outside access user, but the destruction of authority user high cannot be prevented.And enter Invading detecting system can carry out effectively protecting and monitoring for the special object of plateform system, meanwhile, examined by above-mentioned invasion Examining system, can effectively prevent the security threat from platform Intranet, therefore form effective complementation with fire wall.
On the basis of above-mentioned technical proposal, data Layer also includes data backup module;Data backup module is used for timing Data backup is done to the data in Database Systems.
On the basis of above-mentioned technical proposal, application layer also includes hot information module;Hot information module is according to click The enquirement of rate and/or comment bar number to news information or registered user carries out attention rate statistics and sequence, and is sorted with attention rate Display news information and registered user put question to.
On the basis of above-mentioned technical proposal, application layer also includes vulnerability scanning module;Vulnerability scanning module is used for correspondence Vulnerability scanning detection, and the leak that bulletin is detected are carried out with layer.Specifically, above-mentioned vulnerability scanning module, can be base The attack to system is simulated in test script, is then analyzed, so as to detect system safety leakage that may be present Hole.
By a kind of network inquiry platform of the pattern based on browser/server of the invention, using multiechelon system Service system structure is realized, and is cooperated by interface between each composition, the function of common completion system, it is ensured that system Expansible, upgradability;Meanwhile, present invention employs complete Security mechanism, realize attacking against each other by vulnerability scanning module The strick precaution hit, prevents to attack immediately by fire wall and web applications guard system, is realized to network number by intruding detection system According to monitoring, service data can be returned to the state of Backup Data by data backup module, enhance the disaster tolerance of platform Ability, so as to construct the security protection system of complete set, is effectively guaranteed the safety and reliability of searching platform.
Preferred embodiments of the present invention are the foregoing is only, embodiments of the present invention and protection model is not thereby limited Enclose, to those skilled in the art, should can appreciate that done by all utilization description of the invention and diagramatic content Scheme obtained by equivalent and obvious change, should be included in protection scope of the present invention.

Claims (7)

1. a kind of network inquiry platform, the network inquiry platform is based on browser/server framework, it is characterised in that described The server end of network inquiry platform includes:Access Layer, application layer, operation layer, data Layer and resource layer;The application layer point It is not connected with Access Layer and operation layer, the operation layer is connected with the data Layer;The Access Layer includes what is be connected with each other Network insertion node and security protection system;The application layer is used to send to process to the operation layer to ask, and including:With Family login module, integrated information module inquires about service module, online friend's interactive module, map retrieval module;The User logs in mould Block is used to receive the checking information input of user, and returns to login confirmation;The shape that the integrated information module passes through picture and text Formula issues people's livelihood POLICY information;Online friend's interactive module is used to for the enquirement of registered user to be published to default page position Put;The map retrieval formula module is looked into for receiving the map retrieval input of user, and being shown in the form of electronic three-dimensional map Ask place;The operation layer accesses the data Layer, and return to output to the application according to the request from the application layer Layer;The data Layer includes Data access module;The Data access module is used to change inquiry to resource layer execution additions and deletions Operation;The resource layer includes Database Systems.
2. network inquiry platform as claimed in claim 1, it is characterised in that the security protection system include fire wall and Web application guard systems;The fire wall is connected with the network insertion node and the web applications guard system respectively, institute Web applications guard system is stated to be connected with the operation layer by LAN switch.
3. network inquiry platform as claimed in claim 2, it is characterised in that the web applications guard system is at least provided with two Platform, and redundancy is set to enable the web applications guard system of state and the web application guard systems of stand-by state;Opened when described Broken down with the web applications guard system of state, entrance is enabled the web applications guard system of the stand-by state through consultation State.
4. network inquiry platform as claimed in claim 2, it is characterised in that bypass is provided with invasion on the LAN switch Detecting system.
5. network inquiry platform as claimed in claim 1, it is characterised in that the data Layer also includes data backup module; The data backup module is used for timing and does data backup to the data in the Database Systems.
6. network inquiry platform as claimed in claim 1, it is characterised in that the application layer also includes hot information module; Enquirement of the hot information module according to clicking rate and/or comment bar number to the news information or the registered user is carried out Attention rate is counted and sorted, and is putd question to news information described in attention rate sequencing display and the registered user.
7. network inquiry platform as claimed in claim 1, it is characterised in that the application layer also includes vulnerability scanning module; The vulnerability scanning module is used to carry out the application layer vulnerability scanning detection, and the leak that bulletin is detected.
CN201611124827.9A 2016-12-08 2016-12-08 A kind of network inquiry platform Pending CN106789988A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611124827.9A CN106789988A (en) 2016-12-08 2016-12-08 A kind of network inquiry platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611124827.9A CN106789988A (en) 2016-12-08 2016-12-08 A kind of network inquiry platform

Publications (1)

Publication Number Publication Date
CN106789988A true CN106789988A (en) 2017-05-31

Family

ID=58881857

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611124827.9A Pending CN106789988A (en) 2016-12-08 2016-12-08 A kind of network inquiry platform

Country Status (1)

Country Link
CN (1) CN106789988A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107733939A (en) * 2017-12-12 2018-02-23 柳州市北龟农业科技孵化器有限公司 A kind of network consultation service platform

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101257450A (en) * 2008-03-28 2008-09-03 华为技术有限公司 Network safety protection method, gateway equipment, client terminal as well as network system
CN104010021A (en) * 2013-12-12 2014-08-27 宁波公众信息产业有限公司 Network consultation platform

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101257450A (en) * 2008-03-28 2008-09-03 华为技术有限公司 Network safety protection method, gateway equipment, client terminal as well as network system
CN104010021A (en) * 2013-12-12 2014-08-27 宁波公众信息产业有限公司 Network consultation platform

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107733939A (en) * 2017-12-12 2018-02-23 柳州市北龟农业科技孵化器有限公司 A kind of network consultation service platform

Similar Documents

Publication Publication Date Title
CN106033514B (en) A kind of detection method and device of suspicious process
KR101689295B1 (en) Automated verification method of security event and automated verification apparatus of security event
CN102045319B (en) Method and device for detecting SQL (Structured Query Language) injection attack
CN113660224B (en) Situation awareness defense method, device and system based on network vulnerability scanning
CN104283889A (en) Electric power system interior APT attack detection and pre-warning system based on network architecture
CN104767757A (en) Multiple-dimension security monitoring method and system based on WEB services
CN101370008A (en) System for real-time intrusion detection of SQL injection WEB attacks
KR100912794B1 (en) Web hacking management system and manegement method thereof for real time web server hacking analysis and homepage hacking search
CN103428196A (en) URL white list-based WEB application intrusion detecting method and apparatus
János et al. Security concerns towards security operations centers
CN101345751A (en) Identifying an application user as a source of database activity
US20200336498A1 (en) Method and apparatus for detecting hidden link in website
Dharam et al. Runtime monitors for tautology based SQL injection attacks
Roschke et al. Using vulnerability information and attack graphs for intrusion detection
Ben Jaballah et al. A grey-box approach for detecting malicious user interactions in web applications
CN104010021A (en) Network consultation platform
CN109657462A (en) Data detection method, system, electronic equipment and storage medium
CN115361182B (en) Botnet behavior analysis method, device, electronic equipment and medium
CN107358098A (en) SQL SQL injection detection method and device based on plug-in unit
CN116662987A (en) Service system monitoring method, device, computer equipment and storage medium
CN106789988A (en) A kind of network inquiry platform
Gadgikar Preventing SQL injection attacks using negative tainting approach
Bo et al. Tom: A threat operating model for early warning of cyber security threats
Shahid et al. A Study of XXE Attacks Prevention Using XML Parser Configuration
CN107341396A (en) Intrusion detection method, device and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170531