Summary of the invention
A kind of generation method for being designed to provide inter-cluster communication factor of safety of the embodiment of the present invention, device, medium
And electronic equipment, and then guard system low efficiency in the related technology is overcome at least to a certain extent, and it is at high cost, it can not be to cluster
Communication security between node does the one or more problems protected.
Other characteristics and advantages of the invention will be apparent from by the following detailed description, or partially by the present invention
Practice and acquistion.
According to a first aspect of the embodiments of the present invention, a kind of generation method of inter-cluster communication factor of safety is provided, is wrapped
It includes:
Based on timestamp acquired in current cluster and the preset time window of the current cluster, factor of safety is determined
Process scalar;
The preset random string merging of the factor of safety process scalar sum is converted into hexadecimal character string, and
The character string is determined as the communication security factor;
In response to communication instruction, the identification information of the current cluster and the secure communication factor are mass-sended to object set
It send.
In one embodiment of the invention, the above method further include:
The current cluster is after acquisition time stamp in dynamic clock assembly, by the identification information of the current cluster in institute
The position that acquisition time is stabbed in dynamic clock component is stated to be marked.
In one embodiment of the invention, above-mentioned pre- based on timestamp acquired in current cluster and the current cluster
If time window, determine factor of safety process scalar, comprising:
Pass through formula:
Determine the factor of safety process scalar;Wherein, C indicates the factor of safety process scalar;T indicates current collection
Timestamp acquired in group;△tIndicate the preset time window of the current cluster.
In one embodiment of the invention, it is above-mentioned the character string is determined as the communication security factor after, the side
Method further include: the communication security factor determined is stored in factors memory.
In one embodiment of the invention, above-mentioned to close the preset random string of the factor of safety process scalar sum
And be converted to hexadecimal character string, comprising:
Using the preset random string of factor of safety process scalar sum as the defeated of preset HMAC SHA256 algorithm
Enter value, output length is the hexadecimal string of 20 bytes.
In one embodiment of the invention, above-mentioned to close the preset random string of the factor of safety process scalar sum
And before being converted to hexadecimal character string, the method also includes:
By preset random seed as primary condition, 32 random strings are generated.
According to a second aspect of the embodiments of the present invention, a kind of verification method of inter-cluster communication factor of safety is provided, is wrapped
It includes:
In response to requesting the communication request of communication cluster, the communication request is parsed, the request communication is obtained
The communication security factor and identification information of cluster;
Determine process scalar based on the identification information, and inverse operation carried out to the process scalar, obtain it is to be tested with
Machine character string;
The random string to be tested and the random string of the communication security factor are compared, comparison knot is obtained
Fruit;
When comparing result is consistent, the cluster communicated is requested to establish communication link with described.
In one embodiment of the invention, the above-mentioned communication request in response to requesting communication cluster, asks the communication
It asks and is parsed, obtain the communication security factor and identification information of the request communication cluster, comprising:
The communication request is indicated with vector;
After receiving the communication request, request communication cluster is extracted from the communication request indicated with vector
The communication security factor and identification information.
It is in one embodiment of the invention, above-mentioned that process scalar is determined based on the identification information, comprising:
Mark position by the identification information in dynamic clock component identification information compares, and determines matched
Mark position, and obtain the timestamp of the mark position;
Pass through formula:
Determine process scalar;Wherein, C' indicates the process scalar;T' indicates the timestamp of the mark position;△t
Indicate preset time window.
In one embodiment of the invention, above-mentioned that inverse operation is carried out to the process scalar, obtain random character to be tested
String, comprising:
The communication security factor of communication cluster is requested to be calculated as preset HMAC SHA256 using described in the process scalar sum
The input value of method, the character string to be tested of output 32.
According to a third aspect of the embodiments of the present invention, a kind of generating means of inter-cluster communication factor of safety, comprising:
Determining module, for based on timestamp acquired in current cluster and the preset time window of the current cluster,
Determine factor of safety process scalar;
Conversion module, for by the factor of safety process scalar sum preset random string merging be converted to 16 into
The character string of system, and the character string is determined as the communication security factor;
Sending module, in response to communication instruction, by the identification information of the current cluster and the secure communication because
Son is to object set pocket transmission.
According to a fourth aspect of the embodiments of the present invention, a kind of verifying device of inter-cluster communication factor of safety, comprising:
Parsing module parses the communication request for the communication request in response to requesting communication cluster, obtains
The communication security factor and identification information of the request communication cluster;
Computing module for determining process scalar based on the identification information, and carries out inverse fortune to the process scalar
It calculates, obtains random string to be tested;
Contrast module, for carrying out pair the random string of the random string to be tested and the communication security factor
Than obtaining comparing result;
Communication link establishes module, for requesting the cluster communicated to establish communication with described when comparing result is consistent
Link.
According to a fifth aspect of the embodiments of the present invention, a kind of computer-readable medium is provided, computer is stored thereon with
Program, which is characterized in that the inter-cluster communication factor of safety of above-mentioned first aspect is realized when described program is executed by processor
The verification method of the inter-cluster communication factor of safety of generation method or second aspect.
According to a sixth aspect of the embodiments of the present invention, a kind of electronic equipment is provided, comprising: one or more processors;
Storage device, for storing one or more programs, when one or more programs are executed by one or more processors, so that
One or more processors realize the generation method of the inter-cluster communication factor of safety of above-mentioned first aspect or the collection of second aspect
The verification method of the communication security factor between group.
Technical solution provided in an embodiment of the present invention can include the following benefits:
The embodiment of the invention provides generation method, device, medium and the electronics of a kind of inter-cluster communication factor of safety to set
It is standby, comprising: based on timestamp acquired in current cluster and the preset time window of the current cluster, to determine factor of safety
Process scalar;The preset random string merging of the factor of safety process scalar sum is converted into hexadecimal character string,
And the character string is determined as the communication security factor;In response to communication instruction, by the identification information of the current cluster and institute
The secure communication factor is stated to object set pocket transmission.The technical solution of the embodiment of the present invention passes through connector between cluster, realizes more
The basis communicated between clustered node.Before cluster communication, clustered node generates certainty factor by algorithm, utilizes this dynamic
Certainty factor carry out handshake authentication, once authenticate successfully, inter-cluster communication link establishment, so as to effective protection maliciously attack
The malicious requests that the person of hitting initiates.
It should be understood that above general description and following detailed description be only it is exemplary and explanatory, not
It can the limitation present invention.
Specific embodiment
Example embodiment is described more fully with reference to the drawings.However, example embodiment can be with a variety of shapes
Formula is implemented, and is not understood as limited to example set forth herein;On the contrary, thesing embodiments are provided so that the present invention will more
Fully and completely, and by the design of example embodiment comprehensively it is communicated to those skilled in the art.
In addition, described feature, structure or characteristic can be incorporated in one or more implementations in any suitable manner
In example.In the following description, many details are provided to provide and fully understand to the embodiment of the present invention.However,
It will be appreciated by persons skilled in the art that technical solution of the present invention can be practiced without one or more in specific detail,
Or it can be using other methods, constituent element, device, step etc..In other cases, it is not shown in detail or describes known side
Method, device, realization or operation are to avoid fuzzy each aspect of the present invention.
Block diagram shown in the drawings is only functional entity, not necessarily must be corresponding with physically separate entity.
I.e., it is possible to realize these functional entitys using software form, or realized in one or more hardware modules or integrated circuit
These functional entitys, or these functional entitys are realized in heterogeneous networks and/or processor device and/or microcontroller device.
Flow chart shown in the drawings is merely illustrative, it is not necessary to including all content and operation/step,
It is not required to execute by described sequence.For example, some operation/steps can also decompose, and some operation/steps can close
And or part merge, therefore the sequence actually executed is possible to change according to the actual situation.
Fig. 1 diagrammatically illustrates the generation method stream of inter-cluster communication factor of safety according to an embodiment of the invention
Cheng Tu.
Shown in referring to Fig.1, the generation method of inter-cluster communication factor of safety according to an embodiment of the invention, including
Following steps:
Step S110 determines to pacify based on timestamp acquired in current cluster and the preset time window of current cluster
Total divisor process scalar.
In one embodiment of the invention, current cluster will currently collect after acquisition time stamp in dynamic clock assembly
The identification information of the group position that acquisition time is stabbed in dynamic clock component is marked, can be in cluster in the dynamic clock component
The position of acquired timestamp records the identification information of the cluster.
In one embodiment of the invention, it is carried out between each data-base cluster when communication or fragment etc. operate to each
The time difference of cluster requires, and needs to provide fiducial time using dynamic time component, such as: ntpdate etc., to realize to each
The synchronization of a cluster.
In one embodiment of the invention, pass through formula:
Determine factor of safety process scalar;Wherein, C indicates factor of safety process scalar;T is indicated acquired in current cluster
Timestamp;△tIndicate the preset time window of current cluster.
The preset random string merging of factor of safety process scalar sum is converted to hexadecimal character by step S120
String, and character string is determined as the communication security factor.
In one embodiment of the invention, the preset random string merging of factor of safety process scalar sum is converted to
Before hexadecimal character string, by preset random seed as primary condition, 32 random strings are generated.
In one embodiment of the invention, the input preset random string of factor of safety process scalar sum being used as
Value exports the hexadecimal string that length is 20 bytes by preset HMAC SHA256 algorithm.
In one embodiment of the invention, the communication security factor determined is stored in factors memory.
Step S130, in response to communication instruction, by the identification information of current cluster and the secure communication factor to target cluster
It sends.
In one embodiment of the invention, after receiving communication instruction, the cluster is recalled from factors memory
The communication security factor, to object set pocket transmission.
Fig. 2 diagrammatically illustrates the verification method stream of inter-cluster communication factor of safety according to an embodiment of the invention
Cheng Tu.
Referring to shown in Fig. 2, the verification method of inter-cluster communication factor of safety according to an embodiment of the invention, including
Following steps:
Step S210 parses communication request, acquisition request communication in response to requesting the communication request of communication cluster
The communication security factor and identification information of cluster.
In one embodiment of the invention, communication request is indicated with vector;After receiving communication request, from
The communication security factor and identification information of request communication cluster are extracted in the communication request that vector indicates.
In one embodiment of the invention, the communication that request communication cluster can be received by dedicated communication pipe is asked
It asks.
In one embodiment of the invention, vector (ret, CID) mark can be used in communication request, wherein ret is indicated
The communication security factor, CID indicate the identification information of request communication cluster.
Step S220 determines process scalar based on identification information, and carries out inverse operation to process scalar, obtain it is to be tested with
Machine character string.
In one embodiment of the invention, by identification information dynamic clock component identification information mark position into
Row comparison, determines matched mark position, and obtain the timestamp of mark position;
Pass through formula:
Determine process scalar;Wherein, C' indicates process scalar;The timestamp of T' expression mark position;△tIndicate default
Time window.
In one embodiment of the invention, all labels of traversal in dynamic clock component, and compare therewith,
After being matched to the label of above-mentioned request communication cluster, corresponding timestamp is obtained.
In one embodiment of the invention, using the communication security factor of process scalar sum request communication cluster as default
HMAC SHA256 algorithm input value, 32 character strings to be tested of output.
In one embodiment of the invention, it is known that after process scalar sum requests the communication security factor of communication cluster, lead to
The inverse operation for crossing HMAC SHA256 algorithm, determines random string.
Random string to be tested and the random string of the communication security factor are compared, are compared by step S230
As a result.
In one embodiment of the invention, random words will be determined above by the inverse operation of HMAC SHA256 algorithm
Symbol string and the character string of request communication cluster compare, and obtain comparing result.
Step S240, when comparing result is consistent, the cluster communicated with request establishes communication link.
In one embodiment of the invention, when comparing result is inconsistent, then authentification failure, refusal are communicated from request
The communication request of cluster.
In one embodiment of the invention, when random string is determined in the inverse operation by HMAC SHA256 algorithm
When equal with the request character string of communication cluster, then it is proved to be successful, establishes communication link;As unequal, then authentication failed, refuses
Communication request.
Fig. 3 diagrammatically illustrates the schematic diagram of safe communication system between cluster according to an embodiment of the invention.
Referring to shown in Fig. 3, safe communication system between cluster according to an embodiment of the invention, comprising:
Collect group connector 301, for the connection and communication between each clustered node.
In one embodiment of the invention, a cluster (cluster) refers to that machine runs required necessary resource
Combination, include load balancing, the cloud resources such as node of Cloud Server.What collection group connector realized between clustered node reliable leads to
Letter.Under normal circumstances, distributed communication system can be realized with HTTP, SOCKET or RPC, here by using RPC service.
Each clustered node can dispose a set of collection group connector, and open RPC process, externally provide service.Due to collecting group connector
It is the only way which must be passed that public network (VPC) arrives internal network, therefore connector is designed to the mode that multiple clusters are mutually redundant, that is,
After the connector of one cluster stops working, which will be born by the connector of other clusters.
Factor generator 302, for generating the believable secure communication factor by dynamic algorithm.
In one embodiment of the invention, financial cloud physics computer room is deposited positioned at the region of different geography.Therefore each
A physics computer room requires to dispose more nested factor maker modules, that is, once a set of modules is impaired, other modules can still be held
Continuous, stable external offer service, to guarantee the normal operation of business.
Fig. 4 schematically illustrates the structural schematic diagram of factor generator according to an embodiment of the invention;
In one embodiment of the invention, as shown in figure 4, factor generator mainly includes three components, when (1) dynamic
Clock 401;(2) factor arithmetic unit 402;(3) factors memory 403;Wherein, dynamic clock 401 provides stable Scheduler-Service, protects
The timestamp for demonstrate,proving each computer room cluster is unique;Factor arithmetic unit 402 calculates certainty factor by dynamic generation algorithm;The factor
Memory 403, a kind of nonvolatile memory.For saving the certainty factor of generation.
Fig. 5 schematically illustrates factor generator according to an embodiment of the invention and generates the secure communication factor
Flow chart;
In one embodiment of the invention, as shown in figure 5, firstly, factor arithmetic unit initializes, when setting
Between window △t(default value 1min) works as secondly, factor arithmetic unit is pulled by dedicated communication pipe from dynamic clock assembly
Preceding timestamp, and when pulling timestamp each time, a label can be all played in dynamic clock component here labeled as T,
Label substance is the cluster unique identifier, be labeled as CID, secondly, factor arithmetic unit by random seed generate a string 32
Value, be labeled as K, secondly, pass through time stamp T and time window △tProcess scalar is calculated, C is labeled as.Calculation formula is such as
Under:
Secondly, factor arithmetic unit uses (C, K) to be used as input value, calculating length by HMAC SHA256 algorithm is 20
The hexadecimal string of a byte is labeled as ret.Ret value is exactly certainty factor;Finally, by certainty factor ret be saved in because
In sub memory.
Distributed type assemblies 303, comprising: multiple clusters can communicate between cluster, realize the functions such as cloud computing.
In one embodiment of the invention, when cluster N is communicated with cluster M, progress message is had between the two and is recognized
Card, message authentication process are as follows: certainty factor ret, label C ID are sent to cluster M by dedicated communication pipe by cluster N;This
In, vector (ret, CID) expression can be used in certification message, is labeled as Ciphering Key h;When cluster M receives the authentication proof of cluster N
After message, the CID parameter (in order to distinguish the CID in cluster N, here labeled as CID') in Ciphering Key h is taken out, then, collection
Group M can be in all labels of traversal in dynamic clock component, and compare therewith, and as CID=CID', acquisition is corresponding to it
When timestamp T'.To calculate process scalar C' by following formula,
And then K' is calculated by the inverse operation of algorithm.As random train K=K', cluster N and cluster M are authenticated successfully, are built
Vertical communication connection, cluster M allow the communication request from cluster N;Otherwise, authentification failure, cluster M can then refuse to come from cluster N
Communication.
Bottom component 304, comprising: the underlying physical hardwares resource such as server, network, storage, for mentioning for upper layer finance cloud
For reliable infrastructure service.
The embodiment of the invention provides a kind of generation of inter-cluster communication factor of safety and verification methods, by connecting between cluster
Device is connect, the basis communicated between more clustered nodes is realized.Before cluster communication, clustered node by algorithm generate it is credible because
Son carries out handshake authentication using this dynamic certainty factor, once it authenticates successfully, inter-cluster communication link establishment, so as to
The malicious requests initiated with effective protection malicious attacker.
The device of the invention embodiment introduced below can be used for executing the above-mentioned inter-cluster communication factor of safety of the present invention
Generation and verification method.
Fig. 6 diagrammatically illustrates the generating means of inter-cluster communication factor of safety according to an embodiment of the invention
Block diagram.
Referring to shown in Fig. 6, the generating means 600 of inter-cluster communication factor of safety according to an embodiment of the invention,
Include:
Determining module 601, for based on timestamp acquired in current cluster and the preset time window of current cluster, really
Make factor of safety process scalar;
Conversion module 602, for by the preset random string merging of factor of safety process scalar sum be converted to 16 into
The character string of system, and character string is determined as the communication security factor;
Sending module 603, in response to communication instruction, by the identification information of current cluster and the secure communication factor to mesh
Mark collection pocket transmission.
Due to the inter-cluster communication factor of safety of example embodiments of the present invention generating means each functional module with
The step of example embodiment of the generation method of the inter-cluster communication factor of safety of above-mentioned first aspect, is corresponding, therefore for this hair
Undisclosed details in bright Installation practice please refers to the life of the inter-cluster communication factor of safety of the above-mentioned first aspect of the present invention
At method.
Fig. 7 diagrammatically illustrates the verifying device of inter-cluster communication factor of safety according to an embodiment of the invention
Block diagram.
Referring to shown in Fig. 7, the verifying device 700 of inter-cluster communication factor of safety according to an embodiment of the invention,
Include:
Parsing module 701 parses communication request for the communication request in response to requesting communication cluster, obtains
Request the communication security factor and identification information of communication cluster;
Computing module 702 for determining process scalar based on identification information, and carries out inverse operation to process scalar, obtains
Obtain random string to be tested;
Contrast module 703 is obtained for comparing random string to be tested and the random string of the communication security factor
Obtain comparing result;
Communication link establishes module 704, for when comparing result is consistent, the cluster communicated with request to establish communication chain
Road.
Due to example embodiments of the present invention inter-cluster communication factor of safety verifying device each functional module with
The step of example embodiment of the verification method of the inter-cluster communication factor of safety of above-mentioned second aspect, is corresponding, therefore for this hair
Undisclosed details in bright Installation practice please refers to testing for the inter-cluster communication factor of safety of the above-mentioned second aspect of the present invention
Card method.
Below with reference to Fig. 8, it illustrates the computer systems 800 for the electronic equipment for being suitable for being used to realize the embodiment of the present invention
Structural schematic diagram.The computer system 800 of electronic equipment shown in Fig. 8 is only an example, should not be to the embodiment of the present invention
Function and use scope bring any restrictions.
As shown in figure 8, computer system 800 includes central processing unit (CPU) 801, it can be read-only according to being stored in
Program in memory (ROM) 802 or be loaded into the program in random access storage device (RAM) 803 from storage section 808 and
Execute various movements appropriate and processing.In RAM 803, it is also stored with various programs and data needed for system operatio.CPU
801, ROM 802 and RAM 803 is connected with each other by bus 804.Input/output (I/O) interface 805 is also connected to bus
804。
I/O interface 805 is connected to lower component: the importation 806 including keyboard, mouse etc.;It is penetrated including such as cathode
The output par, c 807 of spool (CRT), liquid crystal display (LCD) etc. and loudspeaker etc.;Storage section 808 including hard disk etc.;
And the communications portion 809 of the network interface card including LAN card, modem etc..Communications portion 809 via such as because
The network of spy's net executes communication process.Driver 810 is also connected to I/O interface 805 as needed.Detachable media 811, such as
Disk, CD, magneto-optic disk, semiconductor memory etc. are mounted on as needed on driver 810, in order to read from thereon
Computer program be mounted into storage section 808 as needed.
Particularly, according to an embodiment of the invention, may be implemented as computer above with reference to the process of flow chart description
Software program.For example, the embodiment of the present invention includes a kind of computer program product comprising be carried on computer-readable medium
On computer program, which includes the program code for method shown in execution flow chart.In such reality
It applies in example, which can be downloaded and installed from network by communications portion 809, and/or from detachable media
811 are mounted.When the computer program is executed by central processing unit (CPU) 801, executes and limited in the system of the application
Above-mentioned function.
It should be noted that computer-readable medium shown in the present invention can be computer-readable signal media or meter
Calculation machine readable storage medium storing program for executing either the two any combination.Computer readable storage medium for example can be --- but not
Be limited to --- electricity, magnetic, optical, electromagnetic, infrared ray or semiconductor system, device or device, or any above combination.Meter
The more specific example of calculation machine readable storage medium storing program for executing can include but is not limited to: have the electrical connection, just of one or more conducting wires
Taking formula computer disk, hard disk, random access storage device (RAM), read-only memory (ROM), erasable type may be programmed read-only storage
Device (EPROM or flash memory), optical fiber, portable compact disc read-only memory (CD-ROM), light storage device, magnetic memory device,
Or above-mentioned any appropriate combination.In the present invention, computer readable storage medium can be it is any include or storage journey
The tangible medium of sequence, the program can be commanded execution system, device or device use or in connection.And at this
In invention, computer-readable signal media may include in a base band or as carrier wave a part propagate data-signal,
Wherein carry computer-readable program code.The data-signal of this propagation can take various forms, including but unlimited
In electromagnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be that computer can
Any computer-readable medium other than storage medium is read, which can send, propagates or transmit and be used for
By the use of instruction execution system, device or device or program in connection.Include on computer-readable medium
Program code can transmit with any suitable medium, including but not limited to: wireless, electric wire, optical cable, RF etc. are above-mentioned
Any appropriate combination.
Flow chart and block diagram in attached drawing are illustrated according to the system of various embodiments of the invention, method and computer journey
The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can generation
A part of one module, program segment or code of table, a part of above-mentioned module, program segment or code include one or more
Executable instruction for implementing the specified logical function.It should also be noted that in some implementations as replacements, institute in box
The function of mark can also occur in a different order than that indicated in the drawings.For example, two boxes succeedingly indicated are practical
On can be basically executed in parallel, they can also be executed in the opposite order sometimes, and this depends on the function involved.Also it wants
It is noted that the combination of each box in block diagram or flow chart and the box in block diagram or flow chart, can use and execute rule
The dedicated hardware based systems of fixed functions or operations is realized, or can use the group of specialized hardware and computer instruction
It closes to realize.
Being described in unit involved in the embodiment of the present invention can be realized by way of software, can also be by hard
The mode of part realizes that described unit also can be set in the processor.Wherein, the title of these units is in certain situation
Under do not constitute restriction to the unit itself.
As on the other hand, present invention also provides a kind of computer-readable medium, which be can be
Included in electronic equipment described in above-described embodiment;It is also possible to individualism, and without in the supplying electronic equipment.
Above-mentioned computer-readable medium carries one or more program, when the electronics is set by one for said one or multiple programs
When standby execution, so that the electronic equipment realizes the generation method such as the inter-cluster communication factor of safety in above-described embodiment.
For example, above-mentioned electronic equipment may be implemented as shown in Figure 1: step S110, in response to acquired data
Query argument, generation include the first instance class according to query argument;Step S120 parses first instance class, generates
Query statement executes query statement and obtains query result;Query result is written second instance class, and exported by step S130.
It should be noted that although being referred to several modules or list for acting the equipment executed in the above detailed description
Member, but this division is not enforceable.In fact, embodiment according to the present invention, it is above-described two or more
Module or the feature and function of unit can embody in a module or unit.Conversely, an above-described mould
The feature and function of block or unit can be to be embodied by multiple modules or unit with further division.
Through the above description of the embodiments, those skilled in the art is it can be readily appreciated that example described herein is implemented
Mode can also be realized by software realization in such a way that software is in conjunction with necessary hardware.Therefore, according to the present invention
The technical solution of embodiment can be embodied in the form of software products, which can store non-volatile at one
Property storage medium (can be CD-ROM, USB flash disk, mobile hard disk etc.) in or network on, including some instructions are so that a calculating
Equipment (can be personal computer, server, touch control terminal or network equipment etc.) executes embodiment according to the present invention
Method.
Those skilled in the art after considering the specification and implementing the invention disclosed here, will readily occur to of the invention its
Its embodiment.This application is intended to cover any variations, uses, or adaptations of the invention, these modifications, purposes or
Person's adaptive change follows general principle of the invention and including the undocumented common knowledge in the art of the present invention
Or conventional techniques.The description and examples are only to be considered as illustrative, and true scope and spirit of the invention are by following
Claim is pointed out.
It should be understood that the present invention is not limited to the precise structure already described above and shown in the accompanying drawings, and
And various modifications and changes may be made without departing from the scope thereof.The scope of the present invention is limited only by the attached claims.