CN109508962A - The campus informatization framework of EDU cloud DaaS and cloud school one - Google Patents

The campus informatization framework of EDU cloud DaaS and cloud school one Download PDF

Info

Publication number
CN109508962A
CN109508962A CN201811517042.7A CN201811517042A CN109508962A CN 109508962 A CN109508962 A CN 109508962A CN 201811517042 A CN201811517042 A CN 201811517042A CN 109508962 A CN109508962 A CN 109508962A
Authority
CN
China
Prior art keywords
cloud
school
campus
data
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811517042.7A
Other languages
Chinese (zh)
Inventor
孙左奇
郑金平
郝文延
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHANGZHI MEDICAL COLLEGE
Original Assignee
CHANGZHI MEDICAL COLLEGE
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHANGZHI MEDICAL COLLEGE filed Critical CHANGZHI MEDICAL COLLEGE
Priority to CN201811517042.7A priority Critical patent/CN109508962A/en
Publication of CN109508962A publication Critical patent/CN109508962A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/20Education
    • G06Q50/205Education administration or guidance

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Human Resources & Organizations (AREA)
  • Tourism & Hospitality (AREA)
  • Marketing (AREA)
  • Physics & Mathematics (AREA)
  • Economics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Educational Technology (AREA)
  • Educational Administration (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Data Mining & Analysis (AREA)
  • General Health & Medical Sciences (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses the campus informatization frameworks of EDU cloud DaaS and cloud school one, the mixing cloud mode of cloud is shared using public cloud+campus private clound based on EDU cloud DaaS, (micro- portal)+(cloud service)+(number center)+(school business) novel campus informatization framework, that is " the one-stop micro services portal in multiple terminals+one-stop micro services cloud platform (EDU cloud DaaS)+school end shared data platform+in the school business application system " innovation Informatization Construction of Campus new architecture, Construction of University is helped completely to unify, it is technologically advanced, covering is comprehensive, using deeply, efficient stable, safe and reliable Intelligent campus, it eliminates information island and applies isolated island, establish school grade unified information system, realize that inter-sectional process is unobstructed, respective services management work and numerous teaching and administrative staffs to campus provide immanent One-stop service.

Description

The campus informatization framework of EDU cloud DaaS and cloud school one
Technical field
The present invention relates to Intelligent campus and digital campus construction field, and in particular to EDU cloud DaaS and cloud school one Campus informatization framework.
Background technique
With the fast development of information technology, people be not content with from single operation system provide fixation, have The information service of limit.It wants to across numerous operation systems, from big data, excavating more valuable data is user The information service that need to be is provided.But existing various application systems are got through, how data to be made full use of to provide letter for user Breath services none fit closely landing solution.All among trial.
Campus informatization comes into internet+epoch, and informationization has become the new engine of Developing Institutions of Higher Learning.School is to letter The demand of breathization has been turned to that provide for teachers and students i.e. need to information service i.e. by past service-oriented service management management.This is right The architecture mode of campus informatization provides a new issue.
Currently, typical digital campus construction mode has following three kinds:
1. three large platform construction mode system architectures are as follows: application system+uniform data center+unified identity authentication+unification Information portal.This mode is PC application product of the time.
Construction characteristic: solving campus data normalization, realizes user's single-sign-on, and campus application system united portal is stepped on Record, information system optimization and reengineering.
There are problems: bad, reengineering realization difficulty is supported in mobile.Information still service-oriented management, could not face To service.It only rests on to the original system optimizing phase.
2. one-stop service modular system framework are as follows: application system+one-stop service platform.It is an expansion of OA application Exhibition.Using BPM workflow management tool, data are extracted from original operation system, provide working service for teachers and students.
Construction characteristic: campus information service is highlighted.The information system of service-oriented management, by customizing form and Flow engine provides convenient and fast information service for teachers and students and administrative department.One-stop service platform is extracted from single application system Data provide information service by customizing form and flow engine and one-stop information portal for campus teachers and students.The structure expands Application system function is opened up, change information turns to service management service steering and provides information service into teachers and students.
There are problems: do not establish unified data center, data only in monomer applications system database, to provide across There are certain difficulties for the data service of system.
3. micro services modular system framework are as follows: micro services platform+micro services
This framework overturns conventional software architectural mode, and past monomer applications program is become micro services one by one.It is prominent Mobile Campus Information service out.
Construction characteristic: developer provides special micro- application for campus business based on the development platform of oneself for user.It is micro- Using in the cloud platform for operating in developer.Development efficiency is improved, school's investment is reduced.School information personnel requirement is dropped It is low.
There are problems: having abandoned the application system for campus service management service, conventional management business is affected.School Garden data have all been placed on developer cloud, and school's data assets receive threat.Service quality receives the influence of developer.
Summary of the invention
To solve the above problems, the present invention provides the campus informatization frameworks of EDU cloud DaaS and cloud school one.
To achieve the above object, the technical scheme adopted by the invention is as follows:
The campus informatization framework of EDU cloud DaaS and cloud school one, including
Data sharing center in campus, each application system, realization all application system data sharings in the school are built in the school for fusion Vertical campus standard primary database provides big data and one-stop service support for campus;
The one-stop micro services platform of EDU cloud DaaS sets up privately owned cloud outside school, EDU cloud DaaS is used to provide greatly for user Data acquisition, data cleansing, data unification exchange, creation Service Source, the data i.e. service for issuing dynamic apis;From University Interior shared data center extraction data quickly provide " office and information inquiry are one-stop on line " information service for colleges and universities teachers and students; Each application program in the school is got through, new application service is provided for campus;Cloud unified identity authentication is constructed, realizes that campus system is stepped on Land " account is logical ";Multi-tenant service is provided, a cloud platform is supported to provide information service for more colleges and universities;The EDU cloud DaaS is One i.e. service cloud platform towards multi-tenant data and information, each user can be by EDU cloud DaaS from the number of our unit According to central draw data, the information service portal (supporting multihead display) of our unit is established, by EDU cloud DaaS again then for this Unit user provides information service.Cloud unified identity authentication is constructed, realizes that campus system logs in " account is logical ";Rent is provided more Family service supports that a cloud platform is that more platforms realize unified identity authentication.User can open in EDU cloud DaaS login account If service.Each colleges and universities can voluntarily construct the one-stop information service portal in this school according to this school characteristic;The portal supports mobile terminal, It is convenient to provide one-stop information service anywhere or anytime for teachers and students;
One-stop service portal, each colleges and universities can voluntarily construct the one-stop information service portal in this school according to this school characteristic;It should Portal supports mobile terminal, convenient to provide one-stop information service anywhere or anytime for teachers and students;
Cloud resource manage platform, for for whole system provide tenant's management, resource management, management and running, operation and maintenance supervising, The functions such as Sharing Management.
Further, data sharing center in the campus is docked with each application system in the school by data tool;It establishes Shared data center in the school is played, master data management, data integration supervision, data quality management, backup data management, data are completed The function of monitoring is run, master data can be used as a data resource packet (api interface), provide data for campus one-stop service Support.
Further, the one-stop micro services cloud platform extracts a station from campus data sharing center by ETL tool Data required for formula information service, for realizing superposition workflow management, message management, authentication, the functions such as portal management, Zero_time holding provides one-stop information service for campus teachers and students.
Further, the one-stop micro services cloud platform by ESB Enterprise Service Bus and unitary service platform, uniformly Authentication, unified micro services development platform, uniform service portal framework etc. are reproduced with each application system implementation process in campus, are Campus Information System provides new micro services application system.
Further, the informatization framework supports application demand different in platform using mixing multi-tenant architecture.
Further, the informatization framework carries out the read-write of mass data using NoSql technology.
Further, the informatization framework is divided into access layer, operation layer, picks out layer by segmentation event-driven framework, Access layer is responsible for receiving the service invocation request of applications, and request is passed through message queue (asynchronous analog is synchronous) or local Native mode (penetrates), is sent to core engine, how much (thread pool is big according to the resource of distribution for the thread pool of core engine It is small), the request message in message queue is handled, and processing result is returned into access channel.Meanwhile core engine tune When with external service, message or local mode are also similarly used, is sent in the queue for pick out layer and is handled, thus by original Synchronization request processing, be converted into three sections of asynchronous process of message mode, guarantee that height when access is handled up, isolation external service is not Resource occupation caused by stablizing.
The invention has the following advantages:
Based on the advanced Informatization Construction of Campus new concept of internet+education, cloud is shared using public cloud+campus private clound Mixing cloud mode, (cloud service)+(number center)+(school business) novel campus informatization framework, i.e., " one-stop micro services cloud is flat The digital applications system of platform+school end shared data platform+in the school " innovation Informatization Construction of Campus new architecture, helps Construction of University Complete unified, technologically advanced, covering comprehensively, using deeply, efficient stable, safe and reliable Intelligent campus, elimination information island With apply isolated island, establish school grade unified information system, realize that inter-sectional process is unobstructed, to the respective services management work in campus and Numerous teaching and administrative staffs provide immanent one-stop service.Realize the management environment of wisdom, the teaching environment of wisdom, wisdom Living environment, the scientific research environment of wisdom of change realize information sharing and the business cooperation of whole school's range, realize course of education Overall salary strategy improves school instruction quality, scientific research and management level and efficiency.The final core competitiveness for improving school, it is real The great-leap-forward development of existing school.
Detailed description of the invention
Fig. 1 is the architecture diagram of the campus informatization framework of EDU of embodiment of the present invention cloud DaaS and cloud school one.
Fig. 2 is the system block diagram of the campus informatization framework of EDU of embodiment of the present invention cloud DaaS and cloud school one.
Fig. 3 is the schematic diagram of the read-write mode of mass data in the embodiment of the present invention.
Specific embodiment
The present invention is described in detail combined with specific embodiments below.Following embodiment will be helpful to the technology of this field Personnel further understand the present invention, but the invention is not limited in any way.It should be pointed out that the ordinary skill of this field For personnel, without departing from the inventive concept of the premise, various modifications and improvements can be made.These belong to the present invention Protection scope.
As shown in Figure 1, the embodiment of the invention provides the campus informatization framework of a kind of EDU cloud DaaS and cloud school one, Including
Data sharing center in campus is led to each application system in the school, such as personnel system, education administration system, work system Cross the docking of the data tools such as ODS;Shared data center in the school is set up, master data management, data integration supervision, data matter are completed The functions such as buret reason, backup data management, data run monitoring, provide data supporting for campus one-stop service;
The one-stop micro services platform of EDU cloud DaaS is erected at privately owned cloud outside school using EDU cloud DaaS service platform, from Shared data center extraction data in University quickly provide " office and information inquiry are one-stop on line " information for colleges and universities teachers and students Service;Each application program in the school is got through, new application service is provided for campus;Cloud unified identity authentication is constructed, realizes campus System logs in " account is logical ";Multi-tenant service is provided, a cloud platform is supported to provide information service for more colleges and universities;It passes through ETL Tool extracts data required for one-stop information service from campus data sharing center, for realizing superposition workflow management, disappears Breath management, authentication, the functions such as portal management, zero_time holding provide one-stop information service for campus teachers and students;Pass through ESB enterprise Service bus and unitary service platform, unified identity authentication, unified micro services development platform, uniform service portal framework etc. and school Each application system implementation process reconstruction in garden, new micro services application system is provided for Campus Information System;
One-stop service portal, each colleges and universities can voluntarily construct the one-stop information service portal in this school according to this school characteristic;It should Portal supports mobile terminal, convenient to provide one-stop information service anywhere or anytime for teachers and students;
Cloud resource manage platform, for for whole system provide tenant's management, resource management, management and running, operation and maintenance supervising, The functions such as Sharing Management.
In the present embodiment, operation flow platform be based on SOA modular design mode, with flowsheet platform, application development platform, Based on Mobile Development platform, portal platform, public service and flow services are provided towards colleges and universities' service application, using integration Design and unified Modeling, hardware and software platform construction method form colleges and universities' operation flow platform.
In the present embodiment, the informatization framework supports application different in platform to need using mixing multi-tenant architecture It asks.All tenants are shared with (cloud process flow operation platform can be a node, be also possible in a cloud process flow operation platform Multiple clustered nodes are transparent to tenant), the data between tenant are mutually isolated, the tissue of different tenant's support maintenances oneself Mechanism, authority models, work calendar;All flow datas of flow definition, flow instance are also tight between different tenants simultaneously The isolation of lattice.Cloud flowsheet platform tenant architecture under multi-tenant model, can really with lower cost meet tenant for The demand of business events flow path realizes the maximization of itself economic interests.
The multi-tenant that mixing multi-tenant architecture is divided into application is supported and the multi-tenant of data is supported, wherein the more examples applied It can be deployed to respectively on different host (virtual machine or physical machine) or same host with more examples of database:
The multi-tenant of application is supported
Using multiple instances deployment, suitable applications example is forwarded requests to by tenant's load balancing of front end;
Each application example can do active and standby, prevent Single Point of Faliure;
Multiple tenants are supported to use same application example.As AppInstance1 supports tenant A, B, C;
A tenant is supported to use multiple application examples.As tenant C uses AppInstance1 and 2 simultaneously;
A tenant is supported to use an application example.As AppInstance3 is used alone in tenant D;
The multi-tenant of data is supported
Database multiple instances deployment determines which database instance used by application example;
Each database instance can do active and standby, prevent Single Point of Faliure;
Multiple tenants are supported to support tenant A, B, D using same database instance, such as DBInstance1.In this kind of situation Under can also be further divided into:
Tenant shares Schema.As tenant A, B share a Schema, need when tenant shares Schema to table structure There is certain constraint, every table has required a specific TENANT_ID field to distinguish different tenants
Tenant exclusively enjoys Schema.As tenant D exclusively enjoys a Schema
A tenant is supported to use a database instance.As DBInstance2 is used alone in tenant C.
Tenant's information is distinguished by domain identifier (DomainID) in cloud flowsheet platform framework, faces cloud stream from database layer Journey operation platform guarantees the transparency, and the unified storage of data, so that deployment architecture is extremely simple.The order that different tenants pass through safety Board mechanism accesses the data inside tenant, and the data isolation between tenant includes flow definition isolation, flow instance data isolation, appoints Pragmatic example isolation;
In the present embodiment, the informatization framework carries out the read-write of mass data using NoSql technology, as shown in Figure 3.
In the present embodiment, the informatization framework provides the segment processing for being based on SEDA (i.e. segmented event-driven framework) Ability is divided into access layer, operation layer, picks out layer, access layer is responsible for receiving the clothes of applications by being segmented event-driven framework Business call request, and request is sent to core by message queue (asynchronous analog is synchronous) or local Native mode (penetrating) The thread pool of heart engine, core engine is how many (thread pool size) according to the resource of distribution, to the request message in message queue It is handled, and processing result is returned into access channel.Meanwhile core engine is when calling external service, also similarly using disappearing Breath or local mode, are sent in the queue for pick out layer and are handled, so that original synchronization request be handled, be converted into message Three sections of asynchronous process of mode guarantee that height when access is handled up, resource occupation caused by isolation external service is unstable.
Each of SEDA segmented architecture Stage substantially includes several partial contents: event queue, event handler, control Device processed, resource pool etc., event queue are responsible for receiving access request, receive and carry out traffic statistics, permission school by controller after request It tests, resource allocation etc., is finally handled by event handler.In actual use, business can be grouped, every group of business can It is handled by different Stage, multiple Stage can directly be handled with cooperating finishing service.It is this to be based on SEDA framework Flow engine service processing mode have the following characteristics that
1) it accesses, handle, picking out three sections of asynchronous decouplings, facilitating extension;
2) processing can be grouped by business need;
3) resource rational allocation is carried out according to business need situation and stretched;
4) external unstable factor is isolated, ensures engine reliability service;
5) flow, permission, overtime control and abnormality processing etc. are supported, processing mode is expansible.
In the present embodiment, logically drawn in school's overall applicability process of construction with the function of unified identity authentication platform Point, can be divided into unified user management, unified Role Management, unified authorization management, unified certification management, unified application management, Integrated service management and operation audit management
It describes in detail below to each function of unified identity authentication platform.
Unified user management
Unified user management subsystem includes user management, user group management, the big subfunction of information department management three.
User management
User management provides user account newly-increased, user basic information modification, the deletion of user account, user account Freeze, user account thaw, user corresponds to the setting of attribute, user corresponds to the setting of role, user correspond to user group setting, User corresponds to the function of the setting of organization.
Information department management
Organization can be there are many bore be managed, and management bore can be with self-defining.One user may belong to multiple Organization.It is the relationship of multi-to-multi between user and organization.
To the essential information of organization, the management of the data such as hierarchical relationship, including browses, increases newly, modifies, deletes, leads Enter, export, merging, fractured operation.
Unified Role Management
Role is the set of the user with certain a kind of identical permission in a certain application system.One role can only correspond to One application system of registration.One role may include multiple users, and equally, a user can also possess various rolls.
Role Management
1) role is increased newly
2) role is modified
3) role is deleted
Role organizes management
Role's group is the set of one group of role across application system that can distribute to certain user simultaneously, defines role's group Concept be in order to more flexible in unified authorization function and conveniently.Role's group information includes: that role organizes mark, role's group name Claim, whether effectively.
Unified authorization management
Unified authorization management provides being associated with for role and user, user group and organization, attribute and user, user group Association.Graduation authorization management includes following four Xiang Gongneng:
Role function rights management
All application functions and application permission of the affiliated application system of role are listed in tree-like mode, it is multiple with tree node Permission possessed by role is arranged in the mode of choosing.While provided with father's role-security, all child node roles below node In all inherit the permission of father role.
User role attribute management
Role needs to be divided into two class roles, and a kind of role is only with the access authority of operation system, a kind of role business by all means The authorization privilege of system distinguishes the management for authorizing unified identity authentication itself.
Role's graduation authorization management
We can divide two major class according to whether with grading authorized function role: one kind has grading authorized function Role;Another kind of is conventional character, does not both have grading authorized function.
The grading authorized function of role in order to realize unified identity authentication platform first has to realize have grading authorized function Role in unified identity authentication platform have which permission.Therefore, we unified identity authentication platform itself these Function is registered in unified application management
The grading authorized function of role of realizing unified identity authentication platform, will followed by realize with grading authorized function The scope management of the operable data of role.Including the following three aspects:
1. the range of user data expands the range of manageable organization in user data range.
2. the range of character data expands the range of manageable user group in the range of character data.
3. the range of the application function of registration, application permission, application attribute.
Unified certification management
The login mode of user is managed, a variety of identification authentication modes are provided, supports following user authentication mode:
User name/password certification
For using the user of system by computer, if the user is entered for the first time or has timed out when exiting, it is System is by automatic spring the user name and password dialog box, after user correctly enters the user name and password, so that it may according to the power of oneself Limit accesses the application and data of each application system
Digital certificate authentication
System provides open interface, and the later period can extend realization and authenticate including CA certificate authentication interface, dynamic password card The integration of a variety of data signatures including interface, smart card authentication interface etc. realizes that the digital certificate according to provided by user is known Other user identity is automatically performed login, or completes to log in after obtaining user password confirmation again according to security strategy.
SSO certification
Single-sign-on function is provided, it is primary to realize that user logs in, so that it may access all integrated application and service.
Authenticate integrated interface
The heterogeneous system that this system provides authentication is supported, the certification integrated interface of standard is provided, for other systems Developer calls.The realization of standard interface there are several types of:
Net interface;JAVA interface;ASP interface;PHP interface;C, C++ interface;ISAPI interface;Perl interface;Acegi connects Mouthful;Ruby interface;VBScript interface;WebServics interface;Other interfaces
Unified application management
The each application system and function point of realizing uniform permission administration are managed.Tree structure is formed, it can With downward unlimited extension.
Application system register
The application system of all accesses is required to be registered in systems, and the root node of system function tree is that system is preparatory The root node of setting, the application system of each access belong to the first Hierarchy nodes below root node.
Application function registration
The function of each access application system is required to be registered in systems.
Application permission registration
Increase application permission under chartered application function.Application permission is thinner relative to applied function module Permission, can feature operation button in specific operation system.Such as: the operation such as audit, retract, modifying.
Application attribute registration
Relevant application attribute is registered under chartered application system and application function.Application attribute and user, use Family group, role can be associated.Increasing this concept of attribute while is also made to keep the management of unified authorization more flexible User can also possess corresponding attribute other than having affiliated role, keep user information more abundant, make set expandability more By force.
Increase the interface of attribute and data exchange, the value of attribute can be the SQL statement of variable or a string of access evidences.
Permission group management
Permission group is the set of one group of permission across application system that can distribute to certain user simultaneously, defines permission group Concept be in order to more flexible in unified authorization function and conveniently.Permission group information includes: permission group mark, permission group name Claim, whether effectively.
Integrated service management
User is integrated
User's integration mode
1. establishing user's mapping table
2. establishing user's mapping management with the application system, the user including application system in unified identity authentication platform Password.
3. having the user's table of oneself, but campus user keeps consistent with unified identity authentication platform user.
4. all campus users of application system save a copy, authority is realized by data exchange or Data synchronization interface User data synchronization between data source and directory service.
5. using unified identity authentication platform user completely
6. providing application system use in a manner of view.
User's mapping table is established
Various ways are provided and establish user's mapping table, including administrator establishes mapping management by hand, user oneself, which establishes, to be reflected It penetrates management and establishes three kinds of mapping management automatically by regular.
Certification is integrated
Authenticate integration mode
1. restoration and reuse system, using unified certification interface authentication
Application system is authenticated according to the API of offer and is wrapped, and modifies system authentication head, is directed toward unified identity authentication platform certification. After authenticating successfully, the former access address URL is returned to.
2. restoration and reuse system retains the original authentication interface of system
The authentication interface and application system that be unwilling to be provided using unified identity authentication platform for certain applications system are deposited It in user outside school, therefore uses and retains the original authentication interface of application system, but authentication logic needs are transformed.After authenticating successfully, Return to the former access address URL.
3. can not restoration and reuse system, proxy authentication
Proxy authentication function herein refers to when user's access agent application system (can not restoration and reuse system), Proxy authentication function just according to the account of relevant agent application system registration information and user-association, proxy user go into Row is corresponding to be logged in, while the result of login is returned to user.So for users, just it is transparent complete it is logged Journey has achieved the purpose that seamless access application system.
Agent application system is registered first in unified single sign-on system, chartered agent application system System, by the user name/password in agent application system and currently the user name in unified single sign-on system maps, when When user accesses this agent application system, unified identity authentication can Automatic-searching application system secondary recognize Card, in the login for completing this agent application system for helping user transparent from the background.
Authenticate integrated interface
For the new system developed on the basis of unified identity authentication platform later, the certification that this system provides standard is integrated Interface is called for the developer of new system.The realization of standard interface there are several types of:
DotNet interface;JAVA interface;ASP interface;PHP interface;C, C++ interface;Other interface authorities are integrated
Permission integration mode
1. data exchange
Operation system permissions data table structure, relationship are analyzed, it is integrated that permission is carried out by way of data exchange.Business system The right access control code of original system need not be transformed in system.But the management of permissions data, must be in unified identity authentication platform It is managed.
2. modernization system
Unified identity authentication platform provides a large amount of permission operations, manages relevant interface (webservice), by business system System calls these interfaces and modifies the right access control code of system.The management of the permissions data of original system is revoked, complete It is managed in unified identity authentication platform entirely.
3. integrated interface
For the new system developed on the basis of unified identity authentication platform later, this system provides the permission of multiple standards Integrated interface is called for the developer of new system.
Directory service
System is storage and authentication infrastructure with directory service, supports X.509 agreement, be may be implemented between different directories service Data it is synchronous
System administration
System administration realizes operation audit, session management and parameter configuration.
Operation audit
Operation audit can be by the login, operation, password that all users are done are changed, permission modification process is all recorded in day In will, and corresponding inquiry and informing function are provided, as the foundation of later audit and the prompting of monitoring.
The log of system record includes logging in log, access log, operation log etc..
It logs in: log when logging in system by user.
Access: user accesses the log of each function point.
Operation: the log of operating system of user function point.
Admin Administration
According to janny's structure, junior administrator is specified by upper management person, and award by entitlement management module Weigh the system management function that junior administrator implements system in extent of competence.Highest level administrator is system manager.
Session management
Session management realizes the searching and managing to current access system session.
Parameter configuration
Parameter configuration realizes that platform runs required various parameters configuration.
System monitoring
Operation monitoring
System monitors the operation conditions of each application system in real time, in application system abnormal running, provides prompt automatically.
Access monitoring
The case where system real time monitoring accesses application system by Verification System, and record access amount and access user's letter Breath.
Operation monitoring
System records the user's operation that user, permission operation are carried out using Verification System in real time.
Alarm and early warning
Super authority is used when application system runs abnormal, operator, system provides alarm in time.
The one-stop campus informatization framework of this specific implementation has the following characteristics that
1, cloud large platform, which is established, supports multi-tenant, large platform+micro services+flow engine DevOps exploitation fortune of new generation Tie up Paas grades of cloud one-stop service cloud platforms of integration.Each universities and colleges can establish the one-stop service in this school by the platform Portal hall;Good campus informatization service is provided by internet for teachers and students.
2, the construction of chain-wales intramural information basic platform simplifies in the school, it is only necessary to which foundation is integrated intramural information monomer and answered With system.This is greatly lowered the threshold of Informatization Construction of Campus and O&M, accelerates the paces of College Informatization development.
3, the information island that application program is formed in the school is got through in service entirely, and one-stop portal passes through " cloud platform " and school Interior " data share exchange platform " docking directly provides accurately information service across application for teachers and students.
4, exploitation is simplified, customization service " family's normalizing " regular service deprofessionalization personnel slightly train and can undertake.
5, automatic wire charging is completed in operation automation micro services application and development, and deployment is simple, and not needing complicated configuration can On-line running.
6, unified management with monitor micro- application and service item on unified platform developing operation, it can be achieved that unified management It is monitored with operation.
Originally it is embodied as College Informatization and has explored a cloud school combination, service management is separated with information service, number New campus informatization architecture mode is separated according to application.That is " micro- portal+cloud service+number center+school business " novel campus letter Breathization framework." the one-stop micro services portal in multiple terminals+education cloud data, that is, service platform (EDU cloud DaaS)+school end shared data The business application system of platform+in the school " innovation Informatization Construction of Campus new architecture, help Construction of University it is completely unified, technologically advanced, Covering comprehensively, using deeply, efficient stable, safe and reliable Intelligent campus, eliminate information island and apply isolated island, establish school grade Unified information system realizes that inter-sectional process is unobstructed, and the respective services management work and numerous teaching and administrative staffs to campus are provided without institute Not one-stop service.
Specific embodiments of the present invention are described above.It is to be appreciated that the invention is not limited to above-mentioned Particular implementation, those skilled in the art can make a variety of changes or modify within the scope of the claims, this not shadow Ring substantive content of the invention.In the absence of conflict, the feature in embodiments herein and embodiment can any phase Mutually combination.

Claims (7)

  1. The campus informatization framework of 1.EDU cloud DaaS and cloud school one, it is characterised in that: including
    Data sharing center in campus, school is established in each application system, realization all application system data sharings in the school in the school for fusion Garden standard primary database provides big data and one-stop service support for campus;
    The one-stop micro services platform of EDU cloud DaaS sets up privately owned cloud outside school, EDU cloud DaaS is used to provide big data for user Acquisition, data cleansing, data unification exchange, creation Service Source, the data i.e. service for issuing dynamic apis;Out of University altogether It enjoys data center and extracts data, quickly provide " office and information inquiry are one-stop on line " information service for colleges and universities teachers and students;It gets through Each application program in the school provides new application service for campus;Cloud unified identity authentication is constructed, realizes that campus system logs in " account is logical ";Multi-tenant service is provided, a cloud platform is supported to provide information service for more colleges and universities;
    One-stop service portal, each colleges and universities can voluntarily construct the one-stop information service portal in this school according to this school characteristic;The portal Support PC, intelligent terminal, smart phone multiple terminal, it is convenient to provide one-stop information service anywhere or anytime for teachers and students;
    Cloud resource manages platform, for providing tenant's management for whole system, resource management, management and running, operation and maintenance supervising, sharing Management function.
  2. 2. the campus informatization framework of EDU cloud DaaS as described in claim 1 and cloud school one, it is characterised in that: the school Data sharing center in garden is docked with each application system in the school by data tool;Shared data center in the school is set up, is completed The function that master data management, data integration supervision, data quality management, backup data management, data run monitor, master data can To provide data supporting for campus one-stop service as a data resource packet (api interface).
  3. 3. the campus informatization framework of EDU cloud DaaS as described in claim 1 and cloud school one, it is characterised in that: described one Standing posture micro services cloud platform extracts data required for one-stop information service from campus data sharing center by ETL tool, For realizing superposition workflow management, message management, authentication, the function of portal management, zero_time holding provides one for campus teachers and students Standing posture information service.
  4. 4. the campus informatization framework of EDU cloud DaaS as described in claim 1 and cloud school one, it is characterised in that: described one Standing posture micro services cloud platform passes through ESB Enterprise Service Bus and unitary service platform, unified identity authentication, unified micro services exploitation Each application system implementation process of platform, uniform service portal framework etc. and campus is reproduced, and is provided for Campus Information System new micro- It is served by system.
  5. 5. the campus informatization framework of EDU cloud DaaS as described in claim 1 and cloud school one, it is characterised in that: the letter Breathization framework supports application demand different in platform using mixing multi-tenant architecture.
  6. 6. the campus informatization framework of EDU cloud DaaS as described in claim 1 and cloud school one, it is characterised in that: the letter Breathization framework carries out the read-write of mass data using NoSql technology.
  7. 7. the campus informatization framework of EDU cloud DaaS as described in claim 1 and cloud school one, it is characterised in that: the letter Breathization framework is divided into access layer, operation layer, picks out layer by segmentation event-driven framework, and access layer is responsible for receiving applications Service invocation request, and request by message queue or local Native mode is sent to core engine, core engine Thread pool according to the resource of distribution how much, the request message in message queue is handled, and processing result is returned to and is connect Enter channel;Meanwhile when core engine calling external service, message or local mode are also similarly used, the team for picking out layer is sent to It is handled in column, so that original synchronization request be handled, three sections of asynchronous process of message mode is converted into, when guaranteeing access Height handle up, isolation external service it is unstable caused by resource occupation.
CN201811517042.7A 2018-12-12 2018-12-12 The campus informatization framework of EDU cloud DaaS and cloud school one Pending CN109508962A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811517042.7A CN109508962A (en) 2018-12-12 2018-12-12 The campus informatization framework of EDU cloud DaaS and cloud school one

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811517042.7A CN109508962A (en) 2018-12-12 2018-12-12 The campus informatization framework of EDU cloud DaaS and cloud school one

Publications (1)

Publication Number Publication Date
CN109508962A true CN109508962A (en) 2019-03-22

Family

ID=65752421

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811517042.7A Pending CN109508962A (en) 2018-12-12 2018-12-12 The campus informatization framework of EDU cloud DaaS and cloud school one

Country Status (1)

Country Link
CN (1) CN109508962A (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110516897A (en) * 2019-06-03 2019-11-29 武汉市自来水有限公司 A kind of water utilities nested type micro services system
CN110543296A (en) * 2019-08-26 2019-12-06 成都市知用科技有限公司 Smart campus micro-service platform architecture system
CN111027085A (en) * 2019-12-16 2020-04-17 南京工业大学 High-performance computing platform and smart campus fusion system and implementation method
CN111062837A (en) * 2019-10-30 2020-04-24 安徽皖新金智教育科技有限公司 Campus-based intelligent management system and method thereof
CN111192017A (en) * 2019-12-30 2020-05-22 三盟科技股份有限公司 Campus personal data management method and system
CN111404757A (en) * 2020-03-26 2020-07-10 成都云巢智联科技有限公司 Cloud-based cross-network application integration system
CN111459915A (en) * 2020-04-14 2020-07-28 南京工业大学 Panoramic data opening method and system suitable for colleges and universities
CN111722939A (en) * 2020-05-15 2020-09-29 山西数擎科技有限公司 Novel-structure smart campus center interconnection platform and method
CN111898865A (en) * 2020-07-02 2020-11-06 常州市第二人民医院 Smart campus data dynamic management method
CN112187863A (en) * 2020-09-01 2021-01-05 远光软件股份有限公司 Method, device, storage medium and electronic equipment for expanding organization role
CN113112230A (en) * 2021-04-14 2021-07-13 中国电子科技集团公司第二十八研究所 Cloud space information product circulation method based on expansion finite-state machine model
CN113438285A (en) * 2021-06-11 2021-09-24 中国二十冶集团有限公司 Smart campus comprehensive management platform model based on private cloud architecture
CN113516218A (en) * 2021-06-04 2021-10-19 重庆云华科技有限公司 College data oriented middle platform sharing server system, college data oriented middle platform sharing server method and campus card
CN113537943A (en) * 2021-07-30 2021-10-22 苏州工业园区测绘地理信息有限公司 Universal workflow engine and construction method thereof
CN114257460A (en) * 2022-02-28 2022-03-29 浙江浙商互联信息科技有限公司 Cloud architecture data sharing method suitable for intelligent management of service area
CN114969833A (en) * 2022-07-29 2022-08-30 合肥汉泰网络科技有限公司 Resource control method and system of portal system and computer equipment
CN116760639A (en) * 2023-08-18 2023-09-15 深圳市大恒数据安全科技有限责任公司 Data security isolation and sharing framework implementation method for multiple tenants

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140136422A1 (en) * 2012-10-30 2014-05-15 Elwha Llc Methods and systems for data services
CN107784607A (en) * 2016-08-30 2018-03-09 威海兴达信息科技有限公司 A kind of Digital Campus management system
CN108647277A (en) * 2018-05-03 2018-10-12 山东师范大学 A kind of mobile campus comprehensive service platform and its working method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140136422A1 (en) * 2012-10-30 2014-05-15 Elwha Llc Methods and systems for data services
CN107784607A (en) * 2016-08-30 2018-03-09 威海兴达信息科技有限公司 A kind of Digital Campus management system
CN108647277A (en) * 2018-05-03 2018-10-12 山东师范大学 A kind of mobile campus comprehensive service platform and its working method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
段春梅: "基于云平台的智慧校园架构设计", 《轻工科技》 *
肖祥林等: "基于云+SOA架构的异构智慧校园平台设计与实现", 《电子设计工程》 *

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110516897A (en) * 2019-06-03 2019-11-29 武汉市自来水有限公司 A kind of water utilities nested type micro services system
CN110543296A (en) * 2019-08-26 2019-12-06 成都市知用科技有限公司 Smart campus micro-service platform architecture system
CN110543296B (en) * 2019-08-26 2023-10-13 成都市知用科技有限公司 Intelligent campus micro-service platform architecture system
CN111062837A (en) * 2019-10-30 2020-04-24 安徽皖新金智教育科技有限公司 Campus-based intelligent management system and method thereof
CN111027085A (en) * 2019-12-16 2020-04-17 南京工业大学 High-performance computing platform and smart campus fusion system and implementation method
CN111192017A (en) * 2019-12-30 2020-05-22 三盟科技股份有限公司 Campus personal data management method and system
CN111404757A (en) * 2020-03-26 2020-07-10 成都云巢智联科技有限公司 Cloud-based cross-network application integration system
CN111459915A (en) * 2020-04-14 2020-07-28 南京工业大学 Panoramic data opening method and system suitable for colleges and universities
CN111722939A (en) * 2020-05-15 2020-09-29 山西数擎科技有限公司 Novel-structure smart campus center interconnection platform and method
CN111898865A (en) * 2020-07-02 2020-11-06 常州市第二人民医院 Smart campus data dynamic management method
CN112187863B (en) * 2020-09-01 2023-06-27 远光软件股份有限公司 Method and device for expanding organization roles, storage medium and electronic equipment
CN112187863A (en) * 2020-09-01 2021-01-05 远光软件股份有限公司 Method, device, storage medium and electronic equipment for expanding organization role
CN113112230A (en) * 2021-04-14 2021-07-13 中国电子科技集团公司第二十八研究所 Cloud space information product circulation method based on expansion finite-state machine model
CN113516218A (en) * 2021-06-04 2021-10-19 重庆云华科技有限公司 College data oriented middle platform sharing server system, college data oriented middle platform sharing server method and campus card
CN113438285B (en) * 2021-06-11 2023-02-28 中国二十冶集团有限公司 Smart campus comprehensive management platform model based on private cloud architecture
CN113438285A (en) * 2021-06-11 2021-09-24 中国二十冶集团有限公司 Smart campus comprehensive management platform model based on private cloud architecture
CN113537943A (en) * 2021-07-30 2021-10-22 苏州工业园区测绘地理信息有限公司 Universal workflow engine and construction method thereof
CN114257460A (en) * 2022-02-28 2022-03-29 浙江浙商互联信息科技有限公司 Cloud architecture data sharing method suitable for intelligent management of service area
CN114969833A (en) * 2022-07-29 2022-08-30 合肥汉泰网络科技有限公司 Resource control method and system of portal system and computer equipment
CN116760639A (en) * 2023-08-18 2023-09-15 深圳市大恒数据安全科技有限责任公司 Data security isolation and sharing framework implementation method for multiple tenants
CN116760639B (en) * 2023-08-18 2023-10-31 深圳市大恒数据安全科技有限责任公司 Data security isolation and sharing framework implementation method for multiple tenants

Similar Documents

Publication Publication Date Title
CN109508962A (en) The campus informatization framework of EDU cloud DaaS and cloud school one
Ding et al. Application of Internet of Things and virtual reality technology in college physical education
CN105450636B (en) A kind of cloud computing management system
CN105429299B (en) The working method of the remote-control system of unattended substation automated system
EP2510466B1 (en) Delegated and restricted asset-based permissions management for co-location facilities
CN106411857B (en) A kind of private clound GIS service access control method based on virtual isolation mech isolation test
CN110472388B (en) Equipment management and control system and user permission control method thereof
CN105991734B (en) A kind of cloud platform management method and system
CN110443010A (en) One kind permission visual configuration control method, device, terminal and storage medium in information system
CN107798466A (en) A kind of Urban Operation administrative center system
CN109962805A (en) A kind of multi-platform cut-in method and equipment based on Authority and Domain Based Management
CN101562609A (en) VPN network security loophole detection and global admittance controlling system
CN108959902A (en) A kind of mutli-system integration platform and method, computer readable storage medium
CN101599144A (en) Network type civil affairs multi-department information integrated assistance platform
CN107680017A (en) A kind of Intelligent campus management platform system
CN106022713A (en) Cloud-platform-based method for establishing training platform rapidly
CN100488199C (en) Media issuing system and method
CN108108460A (en) A kind of standardized work flows intelligent management system framework and system
CN104580081A (en) Integrated SSO (single sign on) system
CN104166581B (en) A kind of virtual method towards increment manufacturing equipment
Dongdong et al. Role-based access control in educational administration system
Yang The design and implementation of scientific research management system in university
CN104283893B (en) Receiving method and server in a kind of security information
Xuning et al. Research of campus resource management based on cloud computing
CN110569026A (en) Service-oriented system architecture method based on J2EE framework

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190322

RJ01 Rejection of invention patent application after publication