CN109981725A - A kind of communication means across security domain, server and readable storage medium storing program for executing - Google Patents

A kind of communication means across security domain, server and readable storage medium storing program for executing Download PDF

Info

Publication number
CN109981725A
CN109981725A CN201910099641.XA CN201910099641A CN109981725A CN 109981725 A CN109981725 A CN 109981725A CN 201910099641 A CN201910099641 A CN 201910099641A CN 109981725 A CN109981725 A CN 109981725A
Authority
CN
China
Prior art keywords
security domain
port
host
service
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910099641.XA
Other languages
Chinese (zh)
Other versions
CN109981725B (en
Inventor
张庆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MIGU Culture Technology Co Ltd
Original Assignee
MIGU Culture Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MIGU Culture Technology Co Ltd filed Critical MIGU Culture Technology Co Ltd
Priority to CN201910099641.XA priority Critical patent/CN109981725B/en
Publication of CN109981725A publication Critical patent/CN109981725A/en
Application granted granted Critical
Publication of CN109981725B publication Critical patent/CN109981725B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles

Abstract

The present embodiments relate to technical field of Internet information, a kind of communication means across security domain, server and readable storage medium storing program for executing are disclosed.In the present invention, the communication means across security domain, applied to the first host in the first security domain, communication means includes: the multiple ports monitored for client connection each in the first security domain, and port and client correspond;In response to the first connection request for being used to connect address of service that first port receives, the predetermined port of the second host into the second security domain sends the second connection request for determining address of service, is connected to address of service through the second host;Wherein, any one port in each port that first port is monitored by the first host.Server and readable storage medium storing program for executing are also disclosed in the present invention, so that reducing across the open-ended quantity between security domain, reduce maintenance work.

Description

A kind of communication means across security domain, server and readable storage medium storing program for executing
Technical field
The present embodiments relate to technical field of Internet information, in particular to communication means, server across security domain And readable storage medium storing program for executing.
Background technique
In the prior art, network system is huge, and the concept of security domain can be used, divide to the network equipment, specifically All identical security levels, the computer with identical demand for security are divided into same network segment, carried out in the boundary of network segment Access control.Whole realization method is that boundary is deployed in using firewall to realize, which allows by firewall policy control A little IP access this domain, which do not allow access this domain;Allow this domain browsing which IP/ network segment, which IP/ net do not allowed to access Section.To generally apply, server, database etc. are included into highest security domain, Office Network is classified as intermediate security domain, connects the portion of outer net Divide and is classified as low-level security domain.Provisioning Policy is controlled between not same area.
At least there are the following problems in the prior art for inventor's discovery: generally requiring and is pacifying across the multiple applications of safe domain browsing Multiple network ports are got through between universe, the communication being respectively used between different application.Http is communicated, it can be by two (just To/reversed) proxy server conversion url realized and accessed using single port, and for https or answering using socket communication With not realizing accordingly then, multiple ports can only be opened.
Summary of the invention
Embodiment of the present invention is designed to provide a kind of communication means across security domain, server and readable storage medium Matter reduces maintenance work so that reducing across the open-ended quantity between security domain.
In order to solve the above technical problems, embodiments of the present invention provide a kind of communication means across security domain, application The first host in the first security domain, the communication means include: to monitor for client connection each in first security domain Multiple ports, the port and the client correspond;It is taken in response to what the first port received for connecting The predetermined port of first connection request of business address, the second host into the second security domain is sent for determining address of service Second connection request is connected to the address of service through second host;Wherein, the first port is first host Any one port in each port monitored.
Embodiments of the present invention additionally provide a kind of server, comprising: at least one processor;And with it is described extremely The memory of few processor communication connection;Wherein, the memory, which is stored with, to be executed by least one described processor Instruction, described instruction is executed by least one described processor, so that at least one described processor is able to carry out as above-mentioned The communication means across security domain.
Embodiments of the present invention additionally provide a kind of computer readable storage medium, are stored with computer program, described Such as the above-mentioned communication means across security domain is realized when computer program is executed by processor.
Embodiments of the present invention provide a kind of communication means across security domain, applied to second in the second security domain Host, comprising: monitor the port for the connection of the first security domain;It is received in first security domain in response to the port For determining the second connection request of address of service, corresponding address of service is determined according to second connection request;Even Connect the address of service;Wherein, second connection request is that first host is being received for connecting address of service It is issued after first connection request, client of first connection request in first security domain.
Embodiments of the present invention additionally provide a kind of server, comprising: at least one processor;And with it is described extremely The memory of few processor communication connection;Wherein, the memory, which is stored with, to be executed by least one described processor Instruction, described instruction is executed by least one described processor, so that at least one described processor is able to carry out as above-mentioned The communication means across security domain.
Embodiments of the present invention additionally provide a kind of computer readable storage medium, are stored with computer program, described Such as the above-mentioned communication means across security domain is realized when computer program is executed by processor.
Embodiment of the present invention in terms of existing technologies, each client need to corresponding server-side connect when, first with The first host connection in a secure domain, the first host converges the connection requirement of each client, has connection in a certain client When demand, the second host into the second security domain initiates the connection request, determines client according to connection request by the second host Really want the address of service connected and connection, since the information of all clients in the first security domain is all issued from the first host, and When being sent to the second security domain, it is sent to the predetermined port of the second host, need to only be connected by single port between two security domains It achieves that the communication connection of multiple client and multiple servers, reduces across the open-ended quantity between security domain, reduce dimension Nurse makees.Meanwhile embodiment of the present invention is not influenced by communication protocol, replicability is good.
As a further improvement, each port that first host is monitored is preset with identification information, the identification Information respectively corresponds an address of service;Second connection request includes the identification information of the first port.The present embodiment benefit With the identification information of port and the corresponding relationship of address of service, so that the second host rapidly and accurately determines actual service ground Volume of transmitted data when communication is reduced in location.
As a further improvement, the identification information includes: character string and/or number.The present embodiment using character string and Or number composition identification information, realize that simplicity, replicability are good.
As a further improvement, the corresponding relationship of each preset identification information in the port and the address of service is by matching The mode of setting is stored in first host.
As a further improvement, the predetermined port of second host into the second security domain is sent for determining service After second connection request of address, further includes: after communication connection is established, data forwarding that the first port is received The extremely predetermined port of second host, alternatively, when receiving from the feedback data of second host, it will be described Feedback data feeds back to the first port.The present embodiment realizes the number of client and address of service after communication connection is established According to communication.
As a further improvement, being preset with multiple listening threads in first host, each listening thread is corresponding Monitor a port.The present embodiment is monitored respectively using multithreading, avoids interfering with each other.
Detailed description of the invention
One or more embodiments are illustrated by the picture in corresponding attached drawing, these exemplary theorys The bright restriction not constituted to embodiment, the element in attached drawing with same reference numbers label are expressed as similar element, remove Non- to have special statement, composition does not limit the figure in attached drawing.
Fig. 1 is the flow chart of the communication means across security domain in first embodiment according to the present invention;
Fig. 2 is the flow chart of the communication means across security domain in third embodiment according to the present invention;
Fig. 3 is the communication system across security domain in the communication means across security domain in the 4th embodiment according to the present invention Schematic diagram;
Fig. 4 is the flow chart of the communication means across security domain in the 4th embodiment according to the present invention;
Fig. 5 is the schematic diagram of server in the 5th embodiment according to the present invention;
Fig. 6 is the schematic diagram of server in the 7th embodiment according to the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present invention Each embodiment be explained in detail.However, it will be understood by those skilled in the art that in each embodiment party of the present invention In formula, in order to make the reader understand this application better, many technical details are proposed.But even if without these technical details And various changes and modifications based on the following respective embodiments, the application technical solution claimed also may be implemented.With Under the division of each embodiment be for convenience, any restriction should not to be constituted to specific implementation of the invention, it is each Embodiment can be combined with each other mutual reference under the premise of reconcilable.
The first embodiment of the present invention is related to a kind of communication means across security domain, applied in the first security domain One host, can be with deployment-specific software, for realizing the communication means in present embodiment on the first host.
The process of present embodiment is as shown in Figure 1, specific as follows:
Step 101, multiple ports for client connection each in the first security domain are monitored.
Specifically, port and client correspond.More specifically, starting n thread on the first host, each Thread monitors a port, for being connected for the client respectively applied in intrinsic safety universe, meanwhile, each port is pre-configured with insighted Other information, client when in use, need to access corresponding address of service, and above-mentioned identification information and address of service correspond.It can To find out, multiple listening threads are preset in the first host, each listening thread is corresponding to monitor a port, avoids snoop procedure It interferes with each other.
More specifically, above-mentioned identification information can be the unique identification of port, may include: character string or number or with Both upper combination.Present embodiment is illustrated by taking character string as an example, other forms can also be used in practical application, herein Without limitation.It continues to explain, the corresponding relationship of the preset identification information in each port and address of service is stored in by configuration mode First host such as saves the configuration file of the corresponding relationship comprising identification information and address of service.Configuration content is exemplified below:
Configuration
Id-redis: port 6379
Id-zk: port 2181
Wherein, " 6379 " and " 2181 " are port numbers, and " Id-redis " is the identification information of port 6379, and " Id-zk " is The identification information of port 2181.
Step 102, judge whether to receive the first connection request;If so, continuing to execute step 103;If it is not, then returning Execute step 102.
Specifically, client of first connection request in intrinsic safety universe in present embodiment, and the first connection Request is for connecting address of service.Client need to access corresponding address of service when executing order, also just need to request connection True address of service.In present embodiment, the destination address in the configuration of client can be set to the ground of corresponding ports Location, rather than true address of service, so client is after sending the first connection request, the first connection request is sent to pair The port answered, the first host judge whether to receive the first connection request by listening port.
Continue to explain, if having that first port receives in each port monitored for connecting the first of address of service Connection request then continues to execute step 103, furtherly, can star a new thread for handle the first connection request, wherein Each port for being monitored by the first host of first port in any one port.
Step 103, the predetermined port of the second host into the second security domain sends the second connection request.
Specifically, the second connection request is for determining address of service.In present embodiment, is received in first port After one connection request, the identification information of first port is obtained, the second connection request of transmission includes acquired identification information, In can according to the configuration file of port obtain identification information.In practical application, before sending the second connection request, Ke Yixian Determine whether the predetermined port of the first host and the second host connects, if do not connected, the first host is first to the second host Predetermined port initiates the connection, and in connection and then sends the second connection request for determining address of service.
By taking configuration mode above as an example, if first port is port 6379, corresponding identification information " Id- can be found Redis " in practical application, can send identification information " Id-redis " as the second connection request.
It continuing to explain, the second host obtains corresponding address of service after receiving the second connection request, according to identification information, Namely client needs the real service address that connects.Wherein, the corresponding relationship of identification information and address of service, which passes through, configures Mode is stored in the second host.Configuration content is exemplified below:
Configuration
Id-redis:192.168.2.2:6379
Id-zk:192.168.2.3:2181
Wherein, " Id-redis " and " Id-zk " be identification information, " 192.168.2.2:6379 " and " 192.168.2.3: 2181 " be respectively corresponding address of service, and the second host connects the address of service after determining address of service.
That is, above-mentioned steps 103 are practical are as follows: in response to first port receive for connecting the of address of service One connection request, the predetermined port of the second host into the second security domain send the second connection for determining address of service and ask It asks, is connected to address of service through the second host.
Present embodiment can also advanced optimize, and send and use in the predetermined port of the second host into the second security domain After determining the second connection request of address of service, further includes: after communication connection is established, number that first port is received According to the predetermined port for being forwarded to the second host, alternatively, when receiving from the feedback data of the second host, feedback data is anti- It is fed to first port.After realizing that communication connection is established, the data communication of client and address of service is realized.In practical application, After first host connects address of service by the second host, a thread can be utilized respectively and execute first port and corresponding service Data interaction between address makes client realize corresponding order.
Each client of present embodiment need to corresponding server-side connect when, first with institute in a secure domain the first host company Connect, the first host converges the connection requirement of each client, when a certain client has connection requirement, into the second security domain Two hosts initiate the connection request, determine that client really wants the address of service and the connection that connect according to connection request by the second host, Since the information of all clients in the first security domain is all issued from the first host, and when being sent to the second security domain, send To the predetermined port of the second host, it need to only be connected by single port between two security domains and achieve that multiple client and multiple clothes The communication connection of business device reduces across the open-ended quantity between security domain, reduces maintenance work.Meanwhile present embodiment not by Communication protocol influences, and replicability is good.
Second embodiment of the present invention is related to a kind of communication means across security domain.Second embodiment is implemented with first Mode is roughly the same, is in place of the main distinction: in the first embodiment, sending the identification information of first port as second Connection request.And real service address is carried in second embodiment of the invention, in the second connection request of transmission, so that the Two hosts can directly parse real service address, operate directly easy.
Specifically, the corresponding relationship of port and address of service has been prestored in the first host in present embodiment, first Host listens to after first port receives the first connection request, searches the corresponding address of service of first port, and sending second When connection request, the address of service found is carried, correspondingly, the second host parses second after receiving the second connection request Address of service in connection request, and it is connected to the address of service.
As it can be seen that the second host can directly acquire true address of service in present embodiment, and it is simple direct, convenient for real It is existing.
Third embodiment of the present invention is related to a kind of communication means across security domain.Applied in the second security domain Two hosts, can be with deployment-specific software, for realizing the communication means in present embodiment on the second host.
The process of present embodiment is as shown in Fig. 2, specific as follows:
Step 201, scheduled port is monitored.
Specifically, which connects for the first security domain, the first different connection requests received in the first security domain, The second host is sent to by the port.
Step 202, judge whether the port receives the second connection request;If so, continuing to execute step 203;If it is not, Then return to step 202.
Step 203, corresponding address of service is determined according to the second connection request.
Specifically, the second connection request comes from the first security domain, and for determining address of service.More specifically, the Two connection requests are issued after receiving the first connection request for connecting address of service by the first host, and the first connection is asked Seek the client in the first security domain.
It further illustrates, includes identification information in the second connection request in present embodiment, identification information respectively corresponds One address of service, wherein the corresponding relationship of identification information and address of service can be stored in the second host by configuration mode.This In embodiment, this step determines address of service according to the identification information in the second connection request.In practical application, Ke Yijie Identification information is received as the second connection request, in this case, the second host is true according to corresponding relationship after receiving identification information Make true address of service.
It is executed as it can be seen that above-mentioned steps 203 are practical: receiving taking in the first security domain for determining in response to port Second connection request of business address, determines corresponding address of service according to the second connection request.
Step 204, address of service is connected.
As it can be seen that each client of present embodiment need to corresponding server-side connect when, first in a secure domain first Host connection, the first host converges the connection requirement of each client, when a certain client has connection requirement, to the second security domain In the second host initiate the connection request, by the second host according to connection request determine client really want connect address of service simultaneously Connection, since the information of all clients in the first security domain is all issued from the first host, and when being sent to the second security domain, It is sent to the predetermined port of the second host, need to only be connected by single port between two security domains and achieve that multiple client and more The communication connection of a server reduces across the open-ended quantity between security domain, reduces maintenance work.Meanwhile present embodiment It is not influenced by communication protocol, replicability is good.
As can be seen that present embodiment is the communication means across security domain corresponding with first embodiment, therefore this Embodiment can work in coordination implementation with first embodiment.The relevant technical details mentioned in second embodiment are in this implementation In mode still effectively, the attainable technical effect of institute in the present embodiment similarly can be real in the first embodiment Existing, in order to reduce repetition, which is not described herein again.Correspondingly, the relevant technical details mentioned in present embodiment are also applicable in In first embodiment.
4th embodiment of the invention is related to a kind of communication means across security domain.
Present embodiment is applied to the communication system across security domain as shown in Figure 3, execute redis service and When zookeeper is serviced, the communication means across security domain in present embodiment is as shown in figure 4, specific as follows:
Step 401, when the first security domain executes redis/zookeeper Client command, the first host place is specified As server-side, specific use can operate as follows for ip and port:
redis-cli-h 192.168.1.1-p 6379
zkCli.sh-server 192.168.1.1:2181
Step 402, the first host finds unique identification (Id-redis and the Id- of two ports according to configuration respectively Zk), start two processing threads to be separately connected the second host of the second security domain and send corresponding unique identification.
Step 403, the second host in the second security domain receives the connection of the first host, starts two processing threads, point Unique identification is not received, real service address is found according to configuration and is initiated the connection.
True address of service is respectively: 192.168.2.2:6379 and 192.168.2.3:2181.
Step 404, after establishing connection, from redis-cli/zkCli.sh execute related command when, request through the first host, Second host is transmitted to the redis/zookeeper server of the second security domain.
Step 405, the redis/zookeeper server processing requests of the second security domain, response message through the second host, First host sends the redis-cli/zkCli.sh client of the first security domain to.
As it can be seen that present embodiment is communication means when being performed simultaneously redis/zookeeper Client command, Ke Yitong When respond multiple client request, avoid interfering with each other.
The step of various methods divide above, be intended merely to describe it is clear, when realization can be merged into a step or Certain steps are split, multiple steps are decomposed into, as long as including identical logical relation, all in the protection scope of this patent It is interior;To adding inessential modification in algorithm or in process or introducing inessential design, but its algorithm is not changed Core design with process is all in the protection scope of the patent.
Fifth embodiment of the invention is related to a kind of server, as shown in Figure 5, comprising:
At least one processor;And the memory being connect at least one processor communication;Wherein, memory stores There is the instruction that can be executed by least one processor, instruction is executed by least one processor, so that at least one processor energy It is enough to execute such as the communication means across security domain in first embodiment or second embodiment.
Wherein, memory is connected with processor using bus mode, and bus may include the bus of any number of interconnection And bridge, bus is by one or more processors together with the various circuit connections of memory.Bus can also will be such as peripheral Together with various other circuit connections of management circuit or the like, these are all well known in the art for equipment, voltage-stablizer , therefore, it will not be further described herein.Bus interface provides interface between bus and transceiver.Transceiver Can be an element, be also possible to multiple element, such as multiple receivers and transmitter, provide for over a transmission medium with The unit of various other device communications.The data handled through processor are transmitted on the radio medium by antenna, further, Antenna also receives data and transfers data to processor.Processor is responsible for managing bus and common processing, can also provide Various functions, including timing, peripheral interface, voltage adjusting, power management and other control functions.And memory can by with Used data when storage processor is in execution operation.
Sixth embodiment of the invention is related to a kind of computer readable storage medium, is stored with computer program.Computer Above-mentioned first embodiment or second embodiment are realized when program is executed by processor.
Seventh embodiment of the invention is related to a kind of server, as shown in Figure 6, comprising:
At least one processor;And the memory being connect at least one processor communication;Wherein, memory stores There is the instruction that can be executed by least one processor, instruction is executed by least one processor, so that at least one processor energy It is enough to execute such as the communication means across security domain in third embodiment.
Wherein, memory is connected with processor using bus mode, and bus may include the bus of any number of interconnection And bridge, bus is by one or more processors together with the various circuit connections of memory.Bus can also will be such as peripheral Together with various other circuit connections of management circuit or the like, these are all well known in the art for equipment, voltage-stablizer , therefore, it will not be further described herein.Bus interface provides interface between bus and transceiver.Transceiver Can be an element, be also possible to multiple element, such as multiple receivers and transmitter, provide for over a transmission medium with The unit of various other device communications.The data handled through processor are transmitted on the radio medium by antenna, further, Antenna also receives data and transfers data to processor.Processor is responsible for managing bus and common processing, can also provide Various functions, including timing, peripheral interface, voltage adjusting, power management and other control functions.And memory can by with Used data when storage processor is in execution operation.
Eighth embodiment of the invention is related to a kind of computer readable storage medium, is stored with computer program.Computer Above-mentioned third embodiment is realized when program is executed by processor.
That is, it will be understood by those skilled in the art that implement the method for the above embodiments be can be with Relevant hardware is instructed to complete by program, which is stored in a storage medium, including some instructions are to make It obtains an equipment (can be single-chip microcontroller, chip etc.) or processor (processor) executes each embodiment method of the application All or part of the steps.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic or disk etc. are various can store journey The medium of sequence code.
It will be understood by those skilled in the art that the respective embodiments described above are to realize specific embodiments of the present invention, And in practical applications, can to it, various changes can be made in the form and details, without departing from the spirit and scope of the present invention.

Claims (13)

1. a kind of communication means across security domain, which is characterized in that applied to the first host in the first security domain, the communication Method includes:
Multiple ports for client connection each in first security domain are monitored, the port and the client one are a pair of It answers;
In response to the first connection request for being used to connect address of service that the first port receives, into the second security domain The predetermined port of second host sends the second connection request for determining address of service, is connected to through second host described Address of service;
Wherein, any one port in each port that the first port is monitored by first host.
2. the communication means according to claim 1 across security domain, which is characterized in that first host is monitored each The port is preset with identification information, and the identification information respectively corresponds an address of service;
Second connection request includes the identification information of the first port.
3. the communication means according to claim 2 across security domain, which is characterized in that the identification information includes: character String and/or number.
4. the communication means according to claim 2 across security domain, which is characterized in that each preset identification letter in port Breath and the corresponding relationship of the address of service are stored in first host by configuration mode.
5. the communication means according to claim 1 across security domain, which is characterized in that into the second security domain The predetermined port of two hosts is sent after the second connection request for determining address of service, further includes:
After communication connection is established, the predetermined end of data forwarding that the first port is received to second host Mouthful, alternatively, the feedback data is fed back to the first end when receiving from the feedback data of second host Mouthful.
6. the communication means according to claim 1 across security domain, which is characterized in that be preset in first host more A listening thread, each listening thread is corresponding to monitor a port.
7. a kind of communication means across security domain, which is characterized in that applied to the second host in the second security domain, comprising:
Monitor the port for the connection of the first security domain;
The second connection request for being used to determine address of service in first security domain is received in response to the port, Corresponding address of service is determined according to second connection request;
Connect the address of service;
Wherein, second connection request is that first host is receiving the first connection request for connecting address of service It is issued afterwards, client of first connection request in first security domain.
8. the communication means according to claim 7 across security domain, which is characterized in that include in second connection request Identification information, the identification information respectively correspond an address of service;
It is described that corresponding address of service is determined according to second connection request, it specifically includes:
The address of service is determined according to the identification information in second connection request.
9. the communication means according to claim 8 across security domain, which is characterized in that the identification information and address of service Corresponding relationship second host is stored in by configuration mode.
10. a kind of server characterized by comprising
At least one processor;And
The memory being connect at least one described processor communication;Wherein,
The memory is stored with the instruction that can be executed by least one described processor, and described instruction is by described at least one It manages device to execute, so that at least one described processor is able to carry out as described in any one of claims 1 to 6 across security domain Communication means.
11. a kind of computer readable storage medium, is stored with computer program, which is characterized in that the computer program is located It manages when device executes and realizes such as the communication means described in any one of claims 1 to 6 across security domain.
12. a kind of server characterized by comprising
At least one processor;And
The memory being connect at least one described processor communication;Wherein,
The memory is stored with the instruction that can be executed by least one described processor, and described instruction is by described at least one Manage device execute so that at least one described processor be able to carry out as described in any one of claim 7 to 9 across security domain Communication means.
13. a kind of computer readable storage medium, is stored with computer program, which is characterized in that the computer program is located Manage the communication means across security domain realized as described in any one of claim 7 to 9 when device executes.
CN201910099641.XA 2019-01-31 2019-01-31 Communication method across security domains, server and readable storage medium Active CN109981725B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910099641.XA CN109981725B (en) 2019-01-31 2019-01-31 Communication method across security domains, server and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910099641.XA CN109981725B (en) 2019-01-31 2019-01-31 Communication method across security domains, server and readable storage medium

Publications (2)

Publication Number Publication Date
CN109981725A true CN109981725A (en) 2019-07-05
CN109981725B CN109981725B (en) 2022-06-14

Family

ID=67076858

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910099641.XA Active CN109981725B (en) 2019-01-31 2019-01-31 Communication method across security domains, server and readable storage medium

Country Status (1)

Country Link
CN (1) CN109981725B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115103019A (en) * 2022-05-06 2022-09-23 北京百度网讯科技有限公司 Access request forwarding method and device, electronic equipment and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104702591A (en) * 2014-12-29 2015-06-10 国家电网公司 Method and system for penetrating through firewall based on port forwarding multiplexing technology
CN104869021A (en) * 2015-05-22 2015-08-26 清华大学 Multi-granularity multi-domain heterogeneous optical network resource allocation method
US9246699B2 (en) * 2010-06-07 2016-01-26 Salesforce.Com, Inc. Method and system for testing multiple components of a multi-tenant, multi-domain, multi-tiered website
CN106101617A (en) * 2016-06-08 2016-11-09 浙江宇视科技有限公司 A kind of message transmitting method, Apparatus and system
CN108055505A (en) * 2017-12-11 2018-05-18 深圳市东微智能科技股份有限公司 Monitoring device control method, device, system, storage medium and computer equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9246699B2 (en) * 2010-06-07 2016-01-26 Salesforce.Com, Inc. Method and system for testing multiple components of a multi-tenant, multi-domain, multi-tiered website
CN104702591A (en) * 2014-12-29 2015-06-10 国家电网公司 Method and system for penetrating through firewall based on port forwarding multiplexing technology
CN104869021A (en) * 2015-05-22 2015-08-26 清华大学 Multi-granularity multi-domain heterogeneous optical network resource allocation method
CN106101617A (en) * 2016-06-08 2016-11-09 浙江宇视科技有限公司 A kind of message transmitting method, Apparatus and system
CN108055505A (en) * 2017-12-11 2018-05-18 深圳市东微智能科技股份有限公司 Monitoring device control method, device, system, storage medium and computer equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115103019A (en) * 2022-05-06 2022-09-23 北京百度网讯科技有限公司 Access request forwarding method and device, electronic equipment and readable storage medium

Also Published As

Publication number Publication date
CN109981725B (en) 2022-06-14

Similar Documents

Publication Publication Date Title
EP3585095B1 (en) Method and device for controlling qos, smf, upf, ue, pcf and an
US9379997B1 (en) Service request management
EP2633667B1 (en) System and method for on the fly protocol conversion in obtaining policy enforcement information
CN106790420B (en) A kind of more session channel method for building up and system
EP1962459A2 (en) Data communication system and session management server
US20170118266A9 (en) TRANSFERRING SESSION DATA BETWEEN NETWORK APPLICATIONS accessible via different dns domains
CN107222561A (en) A kind of transport layer reverse proxy method
US9246906B1 (en) Methods for providing secure access to network resources and devices thereof
US20210352041A1 (en) Domain-name acquisition method, website access method, and server
CN112104744B (en) Traffic proxy method, server and storage medium
MX2007010921A (en) Method for communication between an application and a client.
CN107124483A (en) Domain name analytic method and server
CN108243026A (en) Lan device communication management method, system and gateway device
US7818437B2 (en) Connection management system, connection management method, and management server
CN109327511A (en) A kind of data request method and server based on http protocol
CN108737407A (en) A kind of method and device for kidnapping network flow
CN112968965B (en) Metadata service method, server and storage medium for NFV network node
CN110417876A (en) Node server and main control device in session method, distributed system
CN109981725A (en) A kind of communication means across security domain, server and readable storage medium storing program for executing
US20160292245A1 (en) Method and Device for Implementing Matching Between Acquisition System and Analysis System
CN105376096A (en) Method and system for analyzing domain name, evaluating and feeding back data quality and optimizing data
US20230291706A1 (en) Method for accessing network, media gateway, electronic device and storage medium
CN103841221A (en) Strategy execution method, system and equipment, and control equipment
CN111641664B (en) Crawler equipment service request method, device and system and storage medium
CN110753043B (en) Communication method, device, server and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant