CN110995515B - Distributed environment Internet of things information system - Google Patents
Distributed environment Internet of things information system Download PDFInfo
- Publication number
- CN110995515B CN110995515B CN201911393817.9A CN201911393817A CN110995515B CN 110995515 B CN110995515 B CN 110995515B CN 201911393817 A CN201911393817 A CN 201911393817A CN 110995515 B CN110995515 B CN 110995515B
- Authority
- CN
- China
- Prior art keywords
- data
- module
- gateway
- private
- public
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The invention discloses an environment internet of things information system based on distribution, which is characterized by comprising the following components: a gateway layer, a routing storage layer and an application layer; the gateway layer is used for receiving and processing the transmitted data; the route storage layer is used for forwarding and storing the data received by the gateway layer; and the application layer is used for acquiring the data of the route storage layer. The invention solves the problem of cross-network section, and reduces the data forwarding cost brought by interconnection and intercommunication; supporting public and private dual deployment schemes; the deployment requirements of enterprise public network deployment and private operation are reduced; the storage and the broadcasting are separately deployed, and the hardware resources are utilized to the maximum extent; the safety problem of illegal utilization of data is relieved through the authority authentication node; and establishing a basis for diversified external application support through the authority authentication node.
Description
Technical Field
The invention relates to the technical field of environment monitoring, in particular to an environment internet of things information system based on distribution.
Background
As network technology advances, extensive environmental monitoring becomes possible. Many device manufacturers, integrators, and software vendors have begun to engage in related work. Particularly, in recent years, cloud platforms and the Internet of things are raised, and good opportunities are provided for the rapid development of the field.
The distributed internet of things is based on the internet technology, adopts distributed networking, overcomes the practical business difficulty in environment monitoring, and completes a networking system of data integration, processing and publishing of the whole process section.
In the existing scheme, the early scheme relies on a single network environment, the networking limitation is large, the networking cost is difficult to reduce in the actual operation, and the network is divided by units; recent solutions focus on cloud platform implementations, ignoring the real dilemma of the parties involved.
The current environmental monitoring field faces several problems:
1. the network environment is complex: the forms include wired network, dial-up network, wireless network and non-network. Network segment cross-boundary, interconnection and intercommunication, vpn circuit and the like.
2. The system is complex:
on the aspect of equipment manufacturers: a great number of self-defined protocols need to be established for protocol analysis of model equipment, field work faces a great deal of uncertainty, and debugging and analysis repeatability labor amount is huge.
On the aspect of integrators: the process control requirements are various, different requirements are formed on data, but in reality, different equipment has various communication modes and different communication frequencies. In the aspects of data instantaneity and effectiveness, the integration business has a plurality of difficulties, but the means are very limited.
In the aspect of enterprise application: the information data system has a plurality of sources and high technical management cost. Maintenance and improvement mostly depend on original manufacturers, and spare parts are difficult to play a role in the first time.
Managing a park: the attention points have large difference, some pay attention to energy consumption and some pay attention to emission, and meanwhile, the requirements on information disclosure are met, and data are required to be disclosed by various means such as large screens and WeChat.
Government management: the data validity, real-time performance and integrity are strictly required by paying attention to the conditions of safety, emission, operation of key equipment and the like.
3. The application is complex:
the data display mode requires more: the report forms have multiple formats and multiple copying directions.
The requirements for early warning and alarming are complex: alarm lines are set, alarm modes and alarm conditions are different in requirements.
The internet platform has many display requirements: various forms such as websites, public numbers, APP, and the like; different rights are also required to be displayed according to different audiences.
Controlled (management) data calibration management: the requirements on data production in the aspects of equipment, technical standard upgrading, policy and regulation limitation and the like are met.
Manufacturer and maintenance service: tracking operation condition of equipment manufacturer and maintainer
4. Data ownership is unknown, deployment schemes are trapped, and the comprehensive cost is high.
After the current enterprise purchases equipment to operate, an information system has two modes of operation, one mode is an enterprise self-building system and operates independently; and the other is platform service based on cloud.
The problem with the "cloud" based platform service is that the data generated by the meter device is owned by whom; whether the instrumentation is purchased or leased by the enterprise; at present, all aspects are not expressed.
The enterprise self-building system can substantially solve the problems of the cloud platform service, but still cannot completely block the reality of data spreading through various technical channels. And the cost of the self-building system is very high, besides the initial software and hardware cost, the enterprise also has to set up IT personnel configuration irrelevant to the industry, and the cost is obviously increased.
The cloud platform has the advantages of being low in cost, and the practical dilemma lies in that enterprises think that not only equipment needs to be purchased but also data needs to be purchased, and after the data enters the cloud platform, the platform side cannot be controlled to use the data for other purposes actually.
5. The overall effect of deep data mining is hindered and the progress is delayed.
Because the strips are separated, the data are in a split state and do not have the condition of integral utilization, and the deep data mining is restricted to find out the technical progress which is beneficial to the improvement of instrument production and the improvement of enterprise public interest.
Therefore, in order to solve the problems of cross-network section and the like, the invention provides a distributed environment Internet of things information system.
Disclosure of Invention
The invention aims to provide an environment Internet of things information system based on distribution aiming at the defects of the prior art, which solves the problem of cross-network section and reduces the data forwarding cost brought by interconnection; and supports public and private dual deployment schemes; the deployment requirements of enterprise public network deployment and private operation are reduced.
In order to achieve the purpose, the invention adopts the following technical scheme:
a distributed-based environment Internet of things information system comprises: a gateway layer, a routing storage layer and an application layer;
the gateway layer is used for receiving and processing the transmitted data;
the route storage layer is used for forwarding and storing the data received by the gateway layer;
and the application layer is used for acquiring the data of the route storage layer.
Further, the processing of the transmitted data by the gateway layer specifically includes performing encryption and decryption processing on the received data.
Further, the routing storage layer includes a routing module, which is used for implementing data forwarding according to the user's authority.
Further, the gateway layer comprises a private gateway and a public gateway; the routing module comprises a private routing module and a public routing module; the routing storage layer also comprises an authentication forwarding module;
and the authentication forwarding module is used for enabling the private routing module to acquire the data received by the public routing module through the authentication forwarding module.
Further, the route storage layer further comprises a real-time data channel node module and a database module;
the real-time data channel node module is used for storing the data received by the gateway layer and providing real-time data for the application layer;
and the database module is used for storing the data received by the gateway layer and providing historical data for the application layer.
Further, the real-time data channel node module comprises a private real-time data channel node module and a public real-time data channel node module;
the private real-time data channel node module is used for storing the data received by the private gateway and providing real-time data for the application layer;
and the public real-time data channel node module is used for storing the data received by the public gateway and providing real-time data for the application layer.
Further, the database module comprises a private database module and a public database module;
the private database module is used for storing the data received by the private gateway and providing historical data for the application layer;
and the public database module is used for storing the data received by the public gateway and providing historical data for the application layer.
Further, the routing storage layer further comprises an authority authentication module, which is used for performing authority verification on the data requested to be acquired by the application layer.
Further, the gateway layer provides device access and load balancing functions.
Further, the application layer provides an API interface.
Compared with the prior art, the invention has the following beneficial effects:
1. according to the invention, by setting a three-layer structure of a gateway layer, a route storage layer and an application layer, multiple gateways are deployed in multiple lines, the problem of network segment crossing is solved from an access structure, and the data forwarding cost brought by interconnection and intercommunication is reduced;
2. the invention supports public and private dual deployment schemes;
3. according to the invention, the problem of establishing private deployed data forwarding authentication by using a public network foundation is solved by independently setting the authentication forwarding module, so that the deployment requirements of enterprise public network deployment and private operation are reduced;
4. the invention separately sets the database and the real-time data channel, solves the problem of cluster pressure and the requirement of database security isolation, and utilizes hardware resources to the maximum extent;
5. the invention is provided with the authority authentication module, the acquisition of data by external application is strictly controlled and recorded, and the safety problem of illegal utilization of the data is relieved through the authority authentication node;
6. the invention establishes the basis of diversified external application support through the authority authentication module.
Drawings
Fig. 1 is a block diagram of an information system of the internet of things based on a distributed environment according to an embodiment.
Detailed Description
The embodiments of the present invention are described below with reference to specific embodiments, and other advantages and effects of the present invention will be easily understood by those skilled in the art from the disclosure of the present specification. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict.
The invention aims to provide an environment internet of things information system based on distribution aiming at the defects of the prior art.
Example one
The embodiment provides an environment internet of things information system based on distribution, which comprises a gateway layer, a route storage layer and an application layer;
the gateway layer is used for receiving and processing the transmitted data;
the route storage layer is used for forwarding and storing the data received by the gateway layer;
and the application layer is used for acquiring the data of the route storage layer.
In the present embodiment, a three-layer structure is established: a gateway layer, a route storage layer and an application layer. Multiple gateways are deployed in multiple lines, the problem of network environment is solved from an access structure, a transparent and uniform access form is established for background services, and subsequent service processing is simplified; meanwhile, the real service requirements of connection number, authentication, encryption and the like are met. As shown in fig. 1.
The gateway layer comprises a private gateway and a public gateway; the routing storage layer comprises a routing module, an authentication forwarding module, a real-time data channel node module, a database module and an authority authentication module; the routing module comprises a private routing module and a public routing module; the real-time data channel node module comprises a private real-time data channel node module and a public real-time data channel node module; the database module comprises a private database module and a public database module; the application layer is an external integrated application layer.
In this embodiment, the detailed functions of each node are described as follows:
private gateway, public gateway: realizing the access function of the equipment; a load balancing function; and data transmission encryption and decryption functions.
Private routing module, public routing module: and realizing the internal and external forwarding function of the communication data system according to the user authority.
And (3) forwarding authentication: the authentication node for realizing equipment access by the private user through the public gateway is solved.
Private database module, public database module: analyzing the equipment communication protocol; realizing data compliance and formatting according to the laws and regulations; the data is stored.
Private real-time data channel node module, public real-time data channel node module: analyzing a device communication protocol; establishing an external subscription mechanism;
and (3) authentication: and performing permission verification on the external application request data.
An application layer: and a basic service API interface is provided, and specific applications are not provided.
In this embodiment, the data transmission of the private gateway is as follows:
each device is accessed into a private gateway, the private gateway encrypts and decrypts the data uploaded by the device, and the processed data is sent to a private routing module; the private routing module forwards the received data according to the authority of the user; the private database module and the private real-time data channel node module store the data after receiving the data forwarded by the private router; the private database module and the private real-time data channel node module are also connected with an authority authentication module to perform authority verification on the external application request data.
When the application layer acquires the data of the private gateway, the historical data and the real-time data can be acquired through the private database module and the private real-time data channel node module after the data is processed by the authority authentication module. The private database module and the private real-time data channel node module are arranged separately so as to solve the cluster pressure problem and the database security isolation requirement; through the authority authentication module, the data acquisition of the external application is strictly controlled and recorded, the service division of the external demand layer application on the data acquisition is isolated, and the authority of each party is favorably distinguished.
In this embodiment, the data transmission of the public gateway is as follows:
each device is accessed into a public gateway, the public gateway encrypts and decrypts data uploaded by the device, and the processed data are sent to a public routing module; the public routing module forwards the received data according to the authority of the user; the public database module and the public real-time data channel node module store the data forwarded by the public router after receiving the data; the public database module and the public real-time data channel node module are also connected with an authority authentication module so as to carry out authority verification on the external application request data.
When the application layer acquires the data of the public gateway, the historical data and the real-time data can be acquired through the public database module and the public real-time data channel node module after the data is processed by the authority authentication module. The public database module and the public real-time data channel node module are arranged separately so as to solve the cluster pressure problem and the database safety isolation requirement; through the authority authentication module, the data acquisition of the external application is strictly controlled and recorded, the service division of the external demand layer application on the data acquisition is isolated, and the authority of each party is favorably distinguished.
In this embodiment, the authentication forwarding module is configured to enable the private routing module to obtain the data received by the public routing module through the authentication forwarding module.
As shown in fig. 1, the public routing module is connected to the authentication forwarding module, the authentication forwarding module is connected to the private routing module, and the authentication forwarding module is separately configured, and the separately configured authentication forwarding module solves the problem of establishing data forwarding authentication for private deployment based on a public network, thereby reducing the deployment cost of enterprise networking.
In the embodiment, the application layer, i.e., the external integrated application layer, provides a basic service API interface and does not provide specific applications, so that various utilization modes such as user human-computer interaction, data display, publishing, mining and the like can be realized in a diversified manner.
In the present embodiment, the words involved are explained as follows:
load balancing: also called Load balancing (Load balancing), the basic concept is to distribute tasks to multiple entities through a certain strategy in order to reduce the Load of some or all of the entities, so as to balance the Load among different entities
Compared with the prior art, the invention has the following beneficial effects:
1. according to the invention, by setting a three-layer structure of a gateway layer, a route storage layer and an application layer, multiple gateways are deployed in multiple lines, the problem of network segment crossing is solved from an access structure, and the data forwarding cost brought by interconnection and intercommunication is reduced;
2. the invention supports public and private dual deployment schemes;
3. according to the invention, the problem of establishing private deployed data forwarding authentication by using a public network foundation is solved by independently setting the authentication forwarding module, so that the deployment requirements of enterprise public network deployment and private operation are reduced;
4. the invention separately sets the database and the real-time data channel, solves the problem of cluster pressure and the requirement of database security isolation, and utilizes hardware resources to the maximum extent;
5. the invention is provided with the authority authentication module, the acquisition of data by external application is strictly controlled and recorded, and the safety problem of illegal utilization of the data is relieved through the authority authentication node;
6. the invention establishes the basis of diversified external application support through the authority authentication module.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. Those skilled in the art will appreciate that the present invention is not limited to the particular embodiments described herein, and that various obvious changes, rearrangements and substitutions will now be apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in some detail by the above embodiments, the invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the invention, and the scope of the invention is determined by the scope of the appended claims.
Claims (4)
1. An environmental internet of things information system based on distribution, comprising: a gateway layer, a routing storage layer and an application layer;
the gateway layer is used for receiving and processing the transmitted data;
the route storage layer is used for forwarding and storing the data received by the gateway layer; the route storage layer comprises a route module;
the application layer is used for acquiring the data of the routing storage layer;
the gateway layer comprises a private gateway and a public gateway; the routing module comprises a private routing module and a public routing module; the routing storage layer also comprises an authentication forwarding module;
the authentication forwarding module is used for enabling the private routing module to acquire the data received by the public routing module through the authentication forwarding module;
the routing storage layer also comprises a real-time data channel node module and a database module;
the real-time data channel node module is used for storing the data received by the gateway layer and providing real-time data for the application layer;
the database module is used for storing the data received by the gateway layer and providing historical data for the application layer; the real-time data channel node module comprises a private real-time data channel node module and a public real-time data channel node module;
the private real-time data channel node module is used for storing the data received by the private gateway and providing real-time data for the application layer;
the public real-time data channel node module is used for storing the data received by the public gateway and providing real-time data for the application layer;
the database module comprises a private database module and a public database module;
the private database module is used for storing the data received by the private gateway and providing historical data for the application layer;
the public database module is used for storing the data received by the public gateway and providing historical data for the application layer;
the routing storage layer also comprises an authority authentication module used for carrying out authority verification on the data requested to be obtained by the application layer;
the data transmission of the private gateway is as follows: each device is accessed into a private gateway, the private gateway encrypts and decrypts the data uploaded by the device and sends the processed data to a private routing module; the private routing module forwards the received data according to the authority of the user; the private database module and the private real-time data channel node module store the data after receiving the data forwarded by the private router;
the data transmission of the public gateway is as follows: each device is accessed into a public gateway, the public gateway encrypts and decrypts data uploaded by the device, and the processed data are sent to a public routing module; the public routing module forwards the received data according to the authority of the user; and the public database module and the public real-time data channel node module store the data after receiving the data forwarded by the public router.
2. The distributed internet of things environment information system according to claim 1, wherein the gateway layer processes the transmitted data by encrypting and decrypting the received data.
3. The distributed internet of things based environment information system of claim 1, wherein the gateway layer provides device access and load balancing functions.
4. The distributed internet of things based environment information system of claim 1, wherein the application layer provides an API interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911393817.9A CN110995515B (en) | 2019-12-30 | 2019-12-30 | Distributed environment Internet of things information system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911393817.9A CN110995515B (en) | 2019-12-30 | 2019-12-30 | Distributed environment Internet of things information system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110995515A CN110995515A (en) | 2020-04-10 |
| CN110995515B true CN110995515B (en) | 2023-04-07 |
Family
ID=70078754
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911393817.9A Active CN110995515B (en) | 2019-12-30 | 2019-12-30 | Distributed environment Internet of things information system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110995515B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104767829A (en) * | 2015-04-27 | 2015-07-08 | 西安电子科技大学 | Cloud service system based on Internet of Things sensing device cloud simulation nodes |
| CN108269061A (en) * | 2018-01-19 | 2018-07-10 | 广州市品高软件股份有限公司 | A kind of social cooperative system of public and private mixing |
| CN108370314A (en) * | 2015-12-11 | 2018-08-03 | 维萨国际服务协会 | Use the secure storage of data and the device of retrieval |
| CN108696565A (en) * | 2017-04-06 | 2018-10-23 | 北京算云联科科技有限公司 | Integrated digital home control system based on mixed cloud and isomery Internet of Things |
| CN109639790A (en) * | 2018-12-06 | 2019-04-16 | 上海美亦健健康管理有限公司 | A kind of distributed Internet of Things software architecture |
| CN110505312A (en) * | 2019-09-09 | 2019-11-26 | 合肥移瑞通信技术有限公司 | It is a kind of can cloud deployment platform of internet of things management system |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150215280A1 (en) * | 2013-12-01 | 2015-07-30 | Domanicom Corporation | Intelligent virtual gateway |
| US20180227369A1 (en) * | 2017-02-09 | 2018-08-09 | Kaiser Foundation Hospitals | Converged service computing platform |
-
2019
- 2019-12-30 CN CN201911393817.9A patent/CN110995515B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104767829A (en) * | 2015-04-27 | 2015-07-08 | 西安电子科技大学 | Cloud service system based on Internet of Things sensing device cloud simulation nodes |
| CN108370314A (en) * | 2015-12-11 | 2018-08-03 | 维萨国际服务协会 | Use the secure storage of data and the device of retrieval |
| CN108696565A (en) * | 2017-04-06 | 2018-10-23 | 北京算云联科科技有限公司 | Integrated digital home control system based on mixed cloud and isomery Internet of Things |
| CN108269061A (en) * | 2018-01-19 | 2018-07-10 | 广州市品高软件股份有限公司 | A kind of social cooperative system of public and private mixing |
| CN109639790A (en) * | 2018-12-06 | 2019-04-16 | 上海美亦健健康管理有限公司 | A kind of distributed Internet of Things software architecture |
| CN110505312A (en) * | 2019-09-09 | 2019-11-26 | 合肥移瑞通信技术有限公司 | It is a kind of can cloud deployment platform of internet of things management system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110995515A (en) | 2020-04-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6475306B2 (en) | System and method for managing a wireless network | |
| US10819794B2 (en) | Distribution hub for internet-of-things data | |
| CN106797310B (en) | Method and system for protecting customer data in a networked system | |
| CN113765715A (en) | Decentralized data storage and processing for IOT devices | |
| US20150326512A1 (en) | Message transmission system and method for a structure of a plurality of organizations | |
| CN110855783B (en) | Smart city data system based on big data | |
| CN110971626B (en) | Enterprise branch office access request processing method, device and system | |
| WO2021143462A1 (en) | Front end processor-based data exchange system and method | |
| JP2020534727A (en) | Processing methods for media data, computing devices and storage media | |
| CN102868728B (en) | Network proxy method based on virtual channel in virtual desktop infrastructure (VDI) environment | |
| CN103916625A (en) | Video monitoring system and method based on cloud computing | |
| CN108966216B (en) | Mobile communication method and system applied to power distribution network | |
| KR102167627B1 (en) | Data communication system and method | |
| CN112291200B (en) | Method and system for trusted access of edge computing APP to Internet of things edge agent | |
| CN102006276A (en) | Licensing and certificate distribution via secondary or divided signaling communication pathway | |
| CN105071989A (en) | Video content distribution quality monitoring system and monitoring method therefor | |
| CN107295312A (en) | A kind of wireless video safety access system based on SSL VPN | |
| US10038729B1 (en) | Cooperative network access | |
| CN102647435A (en) | Police network monitoring system | |
| CN110995515B (en) | Distributed environment Internet of things information system | |
| CN103634274B (en) | Safe method for video exchange and system | |
| Lee et al. | A secure framework of the surveillance video network integrating heterogeneous video formats and protocols | |
| CN108259249A (en) | Method for network access, router, terminal device, server and network system | |
| CN109547408B (en) | Base station dynamic loop information monitoring method based on block chain management | |
| CN108900518B (en) | Credible software-defined cloud network data distribution system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |