CN111385274B - Cross-network service calling method and device, feature gateway and identity recognition system - Google Patents

Cross-network service calling method and device, feature gateway and identity recognition system Download PDF

Info

Publication number
CN111385274B
CN111385274B CN201811644353.XA CN201811644353A CN111385274B CN 111385274 B CN111385274 B CN 111385274B CN 201811644353 A CN201811644353 A CN 201811644353A CN 111385274 B CN111385274 B CN 111385274B
Authority
CN
China
Prior art keywords
service
network
type
information
legal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811644353.XA
Other languages
Chinese (zh)
Other versions
CN111385274A (en
Inventor
邹继文
毛翔宇
王宇
郄妍飞
高建民
王鑫
杨胜杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Aisino Corp
Original Assignee
Aisino Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aisino Corp filed Critical Aisino Corp
Priority to CN201811644353.XA priority Critical patent/CN111385274B/en
Publication of CN111385274A publication Critical patent/CN111385274A/en
Application granted granted Critical
Publication of CN111385274B publication Critical patent/CN111385274B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/547Remote procedure calls [RPC]; Web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/133Protocols for remote procedure calls [RPC]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/51Discovery or management thereof, e.g. service location protocol [SLP] or web services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)

Abstract

The disclosure relates to a cross-network service calling method, a device, a feature gateway and an identity verification system. The method comprises the following steps: when a service calling request aiming at a first type of network is obtained, judging whether the service calling request is legal or not, wherein the service calling request is used for indicating the requested target service and is sent by other networks except the first type of network; and if the service calling request is legal, calling the target service from the first type network through a service collaboration service platform according to the target service information. Therefore, cross-network and cross-level service calling can be realized, the safety of cross-network service calling can be improved by judging the validity of the service calling request, information leakage caused by wrong calling is prevented, information safety is guaranteed, meanwhile, service calling is finished in the first type of network, service calling from a higher safety level network is not needed, and the burden of the high safety level network is relieved.

Description

Cross-network service calling method and device, feature gateway and identity recognition system
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method and an apparatus for cross-network service invocation, a feature gateway, and an identity verification system.
Background
According to the requirements of national security and privacy management, physical isolation exists between different networks, and different networks can correspond to different security levels, and for example, an application or a system in a network with a low security level cannot directly access data in a network with a high security level. However, with the development of intelligent security management application, data exchange needs among multiple physically isolated network environments are more and more frequent, for example, mass information is stored in a database of a high security level network, where feature information of security key personnel exists, when a user is authenticated, the feature information of the user needs to be uploaded to the high security level network, feature comparison is performed in the high security level network to obtain a feature result, it is determined whether the user is the security key personnel, and the result is sent to an authentication requester, so that efficiency is not high, and very heavy pressure is caused on the high security level network.
Disclosure of Invention
The invention aims to provide a cross-network service calling method, a device, a feature gateway and an identity verification system, so as to realize cross-network and cross-level service calling.
In order to achieve the above object, the present disclosure provides a method for invoking a cross-network service, where the method includes:
when a service calling request aiming at a first-class network is obtained, judging whether the service calling request is legal or not, wherein the service calling request is used for indicating a requested target service and is sent by other networks except the first-class network;
and if the service calling request is legal, calling the target service from the first type network through a service collaboration service platform according to the target service information.
Optionally, the method further comprises:
sending registration information to a second type network to obtain an approval result of the second type network;
if the approval result indicates that the registration information passes, acquiring authorization configuration information from the second type network through the service collaboration service platform, and performing authorization deployment according to the authorization configuration information;
when the service calling request aiming at the first type of network is obtained, judging whether the service calling request is legal or not comprises the following steps:
judging whether the authorization configuration information is legal in the local and the first type network or not according to the authorization configuration information in the local database;
And if the authorization configuration information is locally legal and the authorization configuration information is legal in the first type of network, determining that the service calling request is legal.
Optionally, the target service is a feature data request service;
the invoking the target service from the first type network through the business cooperation service platform according to the target service information includes:
and acquiring characteristic data from the first type of network through the business cooperation service platform.
Optionally, the target service is a specific information receiving service;
the invoking the target service from the first type network through the business cooperation service platform according to the target service information includes:
and sending the comparison result to the first type network through the business cooperation service platform, so that the first type network sends the comparison result to the second type network through the business cooperation service platform.
Optionally, the target service is an identification verification service;
the invoking the target service from the first type network through the business cooperation service platform according to the target service information includes:
sending user characteristic information to the first type of network through the business cooperation service platform so that the first type of network obtains an identity recognition result;
And receiving the identification result aiming at the user characteristic information obtained by the first type of network.
According to a second aspect of the present disclosure, there is provided an apparatus for invoking a cross-network service, the apparatus comprising:
the system comprises a judging module, a judging module and a judging module, wherein the judging module is used for judging whether a service calling request aiming at a first-class network is legal or not when the service calling request is acquired, the service calling request is used for indicating a requested target service, and the service calling request is sent by other networks except the first-class network;
and the calling module is used for calling the target service from the first-class network through a service collaboration service platform according to the target service information if the service calling request is legal.
Optionally, the apparatus further comprises:
the sending module is used for sending registration information to a second type network so as to obtain an approval result of the second type network;
the authorization module is used for acquiring authorization configuration information from the second type network through the business collaboration service platform and carrying out authorization deployment according to the authorization configuration information if the approval result indicates that the registration information passes;
the judging module is used for judging whether the authorization configuration information is legal in the local and the first type network according to the authorization configuration information in the local database; and if the authorization configuration information is locally legal and the authorization configuration information is legal in the first type of network, determining that the service calling request is legal.
Optionally, the target service is a feature data request service;
the calling module is used for acquiring the characteristic data from the first type of network through the business cooperation service platform.
Optionally, the target service is a comparative information receiving service;
the calling module is used for sending an out-of-ratio result to the first type of network through the business cooperation service platform, so that the first type of network sends the out-of-ratio result to the second type of network through the business cooperation service platform.
Optionally, the target service is an identification verification service;
the calling module is used for sending the user characteristic information to the first type network through the business collaboration service platform so as to enable the first type network to obtain an identity recognition result; and receiving the identification result aiming at the user characteristic information obtained by the first type of network.
According to a third aspect of the present disclosure, a feature gateway is provided, where the feature gateway is configured to execute the cross-network service invoking method according to the first aspect of the present disclosure.
According to a fourth aspect of the present disclosure, there is provided an identification system, the system comprising:
the identity recognition terminal is used for receiving the user characteristic information;
A feature gateway according to the third aspect of the present disclosure;
the system comprises a business cooperation service platform, a first type network and a second type network.
According to the technical scheme, when the service calling request is obtained, the target service is called from the first-class network through the service collaboration service platform under the condition that the service calling request is legal, cross-network and cross-level service calling can be achieved, the safety of cross-network service calling can be improved by judging the legality of the service calling request, information leakage caused by wrong calling is prevented, information safety is guaranteed, meanwhile, the calling of the service is finished in the first-class network, the service calling in a higher-safety-level network is not needed, and the burden of the high-safety-level network is relieved.
Additional features and advantages of the present disclosure will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure and are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure without limiting the disclosure. In the drawings:
FIG. 1 is a schematic diagram of a scenario in which a cross-network service invocation method provided in accordance with the present disclosure is implemented;
FIG. 2 is a flow diagram of a cross-web service invocation method provided in accordance with one embodiment of the present disclosure;
FIG. 3 is a block diagram of an apparatus for cross-web service invocation provided in accordance with an embodiment of the present disclosure;
FIG. 4 is a block diagram of an identification system provided in accordance with one embodiment of the present disclosure;
FIG. 5 is a block diagram illustrating an electronic device in accordance with an example embodiment.
Detailed Description
The following detailed description of specific embodiments of the present disclosure is provided in connection with the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present disclosure, are given by way of illustration and explanation only, not limitation.
Before introducing the method provided by the present disclosure, an application scenario of the present disclosure is briefly described first. According to the requirements of national security and privacy management, physical isolation exists between different networks, and the different networks can correspond to different security levels, for example, an application or system in a low security level network cannot directly access data in a high security level network. However, with the development of intelligent security management applications, data exchange between multiple physically isolated network environments is more and more frequent, for example, mass information is stored in a database of a high security level network, where there is feature information of security key personnel, when a user is authenticated, the feature information of the user needs to be uploaded to the high security level network, feature comparison is performed in the high security level network to obtain a feature result, it is determined whether the user is a security key personnel, and the result is sent to an authentication requester, which may cause heavy pressure on the high security level network. The disclosure aims to provide a cross-network service calling method to realize cross-network service calling. The method comprises the steps of a feature gateway, a business collaboration service platform, a first type network and a second type network. The feature gateway is a device for performing cross-network service invocation, and is used as a communication medium between a lower-level application or system (in a low security level network) and an upper-level network (in a high security level network), for example, the lower-level application or system may be a provincial level unit application system, and the upper-level network may be a department level network. The network security level of the second type network is higher than that of the first type network, and the first type network can be used for issuing corresponding data acquired from the second type network database to the database of the feature gateway when the feature gateway calls the service. Illustratively, the first type of network may be a public network and the second type of network may be an intranet. The service collaboration service platform can be used for data exchange between networks, for example, data exchange between a first type network and a second type network, data exchange between the first type network and a feature gateway, and can be regarded as a service bus for inter-network collaboration. Fig. 1 is a schematic view of a scenario when the cross-network service invoking method provided by the present disclosure is implemented, as shown in fig. 1, a feature gateway 11 performs data exchange with a first-class network 12 through a service collaboration platform 14, and the first-class network 12 performs data exchange with a second-class network 13 through the service collaboration platform 14.
Fig. 2 is a flowchart of a cross-network service invocation method provided according to an embodiment of the present disclosure. Illustratively, the method may be applied to a feature gateway, as shown in fig. 2, which may include the following steps.
In step 21, when a service invocation request for the first-type network is acquired, it is determined whether the service invocation request is legal.
The service invocation request may be used to indicate a requested target service. Illustratively, the target service may be, for example, a feature data request service, a ranging information reception service, an identification verification service, or the like. The service invocation request may be generated by the feature gateway, for example. For example, the feature gateway may periodically generate a service invocation request requesting invocation of the feature data request service to periodically update the local feature data. For another example, if the feature gateway receives user information of an identity to be confirmed, the feature gateway may generate a service invocation request for invoking an identity authentication service, so as to confirm the identity of the user. For another example, the feature gateway may generate a corresponding service call request according to the invoked interface, and if the interface corresponding to the identification is invoked, the feature gateway may generate a service call request for requesting to invoke the identification verification service. The process of judging whether the service calling request is legal or not can be carried out when the feature gateway is accessed to the service cooperative service platform. The service invocation request may be issued by a network other than the first type of network, for example, an application system in a lower level network of the first type of network.
Before cross-network service calling, a high-security-level network is firstly required to authorize the feature gateway so that the feature gateway can be called at any time when corresponding service is required to be called subsequently. The feature gateway which has obtained the authorization of the superior network can call the service from the superior network, and the feature gateway which does not obtain the authorization of the superior network cannot call the service from the superior network. Therefore, in one possible embodiment, the method provided by the present disclosure may further include the steps of:
sending registration information to the second type network to obtain an approval result of the second type network;
and if the approval result indicates that the registration information passes, acquiring authorization configuration information from the second type network through the service collaboration service platform, and performing authorization deployment according to the authorization configuration information.
For example, the second type of network may be provided with feature gateway management functions to audit registered feature gateways. When the feature gateway is registered, firstly, the registration information is sent to the second type network, and after the second type network receives the registration information of the feature gateway, the registration information is approved to determine whether the feature gateway passes the examination and verification. In the case that the feature gateway fails to perform the audit, the second type network may feed back the result of the audit that fails to perform the audit to the feature gateway, so that the feature gateway performs processing such as modifying the registration information. Under the condition that the feature gateway passes the verification, the second type network can feed back the verification result passing the verification to the feature gateway, and meanwhile, the second type network can issue authorization configuration information to the feature gateway. The authorization configuration information may include an authorization code and a corresponding authorization configuration file. After obtaining the authorization configuration information, the feature gateway performs authorization deployment according to the authorization configuration information, for example, deploys an SDK for access configuration, and at this time, the feature gateway finishes registration, that is, obtains authorization of a superior network. In addition, the first type network can also have a feature gateway management function, after a certain feature gateway is registered in the second type network and obtains authorization, the second type network can issue information related to the authorization of the feature gateway to the first type network, so that when the feature gateway requests to call service, the legality of the feature gateway is determined through the first type network, the second type network is not required to judge, and the pressure of the second type network is reduced.
In one possible embodiment, step 21 may comprise the steps of:
judging whether the authorization configuration information is legal in the local and the first type network or not according to the authorization configuration information in the local database;
and if the authorization configuration information is locally legal and the authorization configuration information is legal in the first type of network, determining that the service calling request is legal.
The purpose of judging whether the service calling request is legal is to confirm whether the current feature gateway obtains the authorization of the superior network, and prevent the feature gateway which does not obtain the authorization of the superior network from obtaining corresponding information in the superior network to cause internal information leakage. Therefore, whether the authorization configuration information is legal in the local and the first type network can be judged according to the authorization configuration information in the local database. For example, authorization configuration information such as an authorization code in a local SDK packet may be read first to determine the validity of the authorization information in the local area, that is, the authorization configuration information is used for self-checking, and after the self-checking is passed, the service collaboration service platform is connected to the first type of network to determine the validity of the authorization configuration information in the first type of network. If the authorization configuration information of the feature gateway is judged to be legal in both the local network and the first-class network, the feature gateway can be determined to be the feature gateway which has obtained the authorization of the superior network, and therefore the service call request of the feature gateway can also be determined to be legal.
In step 22, if the service invocation request is legal, the target service is invoked from the first-class network through the service collaboration service platform according to the target service information.
If the service calling request is determined to be legal, the current feature gateway is indicated to obtain the authorization of the superior network, so that the corresponding target service can be called, namely, the feature gateway can call the target service from the first-class network through the service collaboration service platform. For example, in the case that the target service is a feature data request service, the feature gateway may update and download feature data according to feature data in a superior network database, for example, update the feature information of the control staff in the local database, the feature information of the escape staff, and the like. For another example, in the case that the target service is a ratio information receiving service, the feature gateway may send the result of the local ratio to a superior network, such as the first type network, to finally update the ratio personnel information base in the second type network database. The comparison information receiving service can be used for requesting the first type network to receive local comparison results, and the comparison results can represent local personnel comparison results. For another example, in the case that the target service is an identification verification service, the feature gateway may obtain an identification result from an upper level.
In one possible implementation, the target service may be a feature data request service. The feature data request service may be used to request feature information for a first type of network. In such embodiments, the methods provided by the present disclosure may include the steps of:
and acquiring the characteristic data from the first-class network through the business cooperation service platform.
Illustratively, the feature gateway may send a feature data query request to the first type of network through the business collaboration services platform. The characteristic data query request can be used for indicating the type of characteristic data, such as a control personnel list, basic population information, public security key person characteristics, national escape person characteristics and the like; alternatively, the feature data query request may also be used to indicate an identity, such as a user identification number, a user ID, and the like. After sending the feature data query request to the first type of network, the first type of network will issue the corresponding feature data to the feature gateway to realize the feature data update of the feature gateway. For example, the feature data obtained from the first type of network may be used to update a certain type of feature data, or the feature data obtained from the first type of network may be used to update feature data of a certain user. In this way, cross-network and cross-hierarchy feature data updating and downloading can be achieved.
In another possible implementation, the target service may be a ratio information reception service. The in-ratio information receiving service may be configured to request the first type network to receive a local in-ratio result, which may characterize the local people comparison result. In such embodiments, the methods provided by the present disclosure may include the steps of:
and sending the comparison result to the first type network through the business cooperation service platform, so that the first type network sends the comparison result to the second type network through the business cooperation service platform.
The feature gateway may be provided with a deployment, control, comparison and request interface, and when the interface is called, the feature gateway may generate a comparison result according to local feature data, and the feature gateway may call information in a cross-network and cross-tier ratio of an information receiving service in the ratio through the service collaboration service platform and report the information.
In another possible implementation, the target service may be an identification verification service. In such embodiments, the method provided by the present disclosure may comprise the steps of:
sending the user characteristic information to a first type of network through a business cooperation service platform so that the first type of network obtains an identity recognition result;
And receiving the identity recognition result aiming at the user characteristic information obtained by the first type of network.
The feature gateway may be provided with an identity recognition request interface and an identity recognition result query interface, and when the identity recognition request interface is called, the feature gateway may send the user feature information, which may be, for example, face information of the user, to the first type of network through the service collaboration service platform. The first type of network can identify the user identity according to the user feature information, generate an identity identification result and feed the identity identification result back to the feature gateway through the service collaboration service platform, and at the moment, the identity identification result query interface of the feature gateway is called to obtain the identity identification result aiming at the user. By the mode, cross-network and cross-level identity identification verification service calling can be realized, and the method has an important role in a user identity identification scene.
By the mode, when the service calling request is obtained, the target service is called from the first-class network through the service collaboration service platform under the condition that the service calling request is legal, cross-network and cross-level service calling can be achieved, the safety of cross-network service calling can be improved by judging the legality of the service calling request, information leakage caused by wrong calling is prevented, information safety is guaranteed, meanwhile, the calling of the service is finished in the first-class network, the service does not need to be called from the network with higher safety level, and the burden of the network with high safety level is relieved.
Fig. 3 is a block diagram of a cross-network service invocation device provided according to an embodiment of the present disclosure, and as shown in fig. 3, the device 30 includes:
a determining module 31, configured to determine, when a service invocation request for a first-class network is obtained, whether the service invocation request is legal, where the service invocation request is used to indicate a requested target service and is sent by a network other than the first-class network;
and the calling module 32 is configured to call the target service from the first-class network through a service collaboration service platform according to the target service information if the service calling request is legal.
Optionally, the apparatus 30 further comprises:
the sending module is used for sending registration information to a second type network so as to obtain an approval result of the second type network;
the authorization module is used for acquiring authorization configuration information from the second type network through the business collaboration service platform and carrying out authorization deployment according to the authorization configuration information if the approval result indicates that the registration information passes;
the judging module 31 is configured to judge whether the authorization configuration information is legal in the local and the first type network according to the authorization configuration information in the local database; and if the authorization configuration information is locally legal and the authorization configuration information is legal in the first type of network, determining that the service calling request is legal.
Optionally, the target service is a feature data request service;
the calling module 32 is configured to obtain feature data from the first type of network through the service collaboration service platform.
Optionally, the target service is a specific information receiving service;
the invoking module 32 is configured to send the result of the comparison to the first type of network through the business cooperation service platform, so that the first type of network sends the result of the comparison to the second type of network through the business cooperation service platform.
Optionally, the target service is an identity authentication service;
the calling module 32 is configured to send user feature information to the first type of network through the service collaboration service platform, so that the first type of network obtains an identity recognition result; and receiving the identification result aiming at the user characteristic information obtained by the first type of network.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
Fig. 4 is a block diagram of an identification system provided in accordance with one embodiment of the present disclosure. As shown in fig. 4, the system 40 may include:
An identification terminal 41 for receiving user characteristic information;
any embodiment of the present disclosure provides a feature gateway 42;
a business collaboration services platform 43, a first type network 44, and a second type network 45.
The first-class network 44 is communicated with the feature gateway 42 through the business cooperation service platform 43, and is communicated with the second-class network 45 through the business cooperation service platform 43, wherein the second-class network 45 is higher in security level than the first-class network 44, the first-class network 44 is higher in security level than the feature gateway 42, and the feature gateway 42 is higher in security level than the identification terminal 41.
For example, the user feature information may be collected user image information, and when the identity recognition terminal 41 collects the user image information, the feature gateway 42 may invoke an identification verification service from the first type network 44 through the service collaboration service platform 43, for example, invoke the identification verification service to perform the person 1: n to identify the user identity, and the identity recognition result is fed back to the identity recognition terminal 41.
Through the identity recognition system, identity recognition and verification services for users can be realized, identities of key public security personnel can be accurately recognized, the efficiency of public security management work is improved, meanwhile, identity recognition is carried out on a first type of network through the characteristic gateway, the pressure of a second type of network is reduced, and the identity recognition efficiency is improved.
FIG. 5 is a block diagram of an electronic device shown in accordance with an example embodiment. For example, the electronic device may be provided as a feature gateway. Referring to fig. 5, electronic device 1900 includes a processor 1922, which can be one or more in number, and memory 1932 for storing computer programs executable by processor 1922. The computer program stored in memory 1932 may include one or more modules that each correspond to a set of instructions. Further, the processor 1922 may be configured to execute the computer program to perform the cross-web service invocation method described above.
Additionally, electronic device 1900 may also include a power component 1926 and a communication component 1950, the power component 1926 may be configured to perform power management of the electronic device 1900, and the communication component 1950 may be configured to enable communication, e.g., wired or wireless communication, of the electronic device 1900. In addition, the electronic device 1900 may also include input/output (I/O) interfaces 1958. The electronic device 1900 may operate based on an operating system, such as Windows Server, Mac OS XTM, UnixTM, LinuxTM, etc., stored in memory 1932.
In another exemplary embodiment, a computer readable storage medium comprising program instructions which, when executed by a processor, implement the steps of the cross-web service invocation method described above is also provided. For example, the computer readable storage medium may be the memory 1932 comprising program instructions executable by the processor 1922 of the electronic device 1900 to perform the cross-web service invocation method described above.
The preferred embodiments of the present disclosure are described in detail above with reference to the accompanying drawings, however, the present disclosure is not limited to the specific details in the above embodiments, and various simple modifications may be made to the technical solution of the present disclosure within the technical idea of the present disclosure, and these simple modifications all belong to the protection scope of the present disclosure.
It should be noted that the various features described in the foregoing embodiments may be combined in any suitable manner without contradiction. To avoid unnecessary repetition, the disclosure does not separately describe various possible combinations.
In addition, any combination of various embodiments of the present disclosure may be made, and the same should be considered as the disclosure of the present disclosure as long as it does not depart from the gist of the present disclosure.

Claims (8)

1. A cross-network service calling method, characterized in that the method comprises:
when a service calling request aiming at a first type of network is obtained, judging whether the service calling request is legal or not, wherein the service calling request is used for indicating the requested target service and is sent by other networks except the first type of network;
If the service calling request is legal, calling the target service from the first type network through a service collaboration service platform according to the target service information;
the method further comprises the following steps:
sending registration information to a second type network to obtain an approval result of the second type network;
if the approval result indicates that the registration information passes, acquiring authorization configuration information from the second type of network through the business cooperation service platform, and performing authorization deployment according to the authorization configuration information;
when the service call request for the first type of network is obtained, judging whether the service call request is legal or not includes:
judging whether the authorization configuration information is legal in the local and the first type network or not according to the authorization configuration information in a local database;
and if the authorization configuration information is locally legal and the authorization configuration information is legal in the first type of network, determining that the service calling request is legal.
2. The method of claim 1, wherein the target service is a feature data request service;
the invoking the target service from the first type network through the business cooperation service platform according to the target service information includes:
And acquiring characteristic data from the first type of network through the business cooperation service platform.
3. The method of claim 1, wherein the target service is a specific information receiving service;
the invoking the target service from the first type network through the business cooperation service platform according to the target service information includes:
and sending the result of the comparison to the first type network through the business cooperation service platform, so that the first type network sends the result of the comparison to the second type network through the business cooperation service platform.
4. The method of claim 1, wherein the target service is an identity verification service;
the invoking the target service from the first type network through the business cooperation service platform according to the target service information includes:
sending user characteristic information to the first type of network through the business cooperation service platform so that the first type of network obtains an identity recognition result;
and receiving the identification result aiming at the user characteristic information obtained by the first type of network.
5. An apparatus for cross-network service invocation, the apparatus comprising:
The system comprises a judging module, a judging module and a judging module, wherein the judging module is used for judging whether a service calling request aiming at a first-class network is legal or not when the service calling request is acquired, the service calling request is used for indicating a requested target service, and the service calling request is sent by other networks except the first-class network;
the calling module is used for calling the target service from the first type network through a service collaboration service platform according to the target service information if the service calling request is legal;
the device further comprises:
the sending module is used for sending registration information to a second type network so as to obtain an approval result of the second type network;
the authorization module is used for acquiring authorization configuration information from the second type network through the business collaboration service platform and carrying out authorization deployment according to the authorization configuration information if the approval result indicates that the registration information passes;
the judging module is used for judging whether the authorization configuration information is legal in the local and the first type network according to the authorization configuration information in the local database; and if the authorization configuration information is locally legal and the authorization configuration information is legal in the first type of network, determining that the service calling request is legal.
6. The apparatus of claim 5, wherein the target service is a feature data request service;
the calling module is used for acquiring the characteristic data from the first type of network through the business cooperation service platform.
7. A feature gateway for performing the cross-network service invocation method of any of claims 1-4.
8. An identification system, the system comprising:
the identity recognition terminal is used for receiving the user characteristic information;
the feature gateway of claim 7;
the system comprises a business cooperation service platform, a first type network and a second type network.
CN201811644353.XA 2018-12-29 2018-12-29 Cross-network service calling method and device, feature gateway and identity recognition system Active CN111385274B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811644353.XA CN111385274B (en) 2018-12-29 2018-12-29 Cross-network service calling method and device, feature gateway and identity recognition system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811644353.XA CN111385274B (en) 2018-12-29 2018-12-29 Cross-network service calling method and device, feature gateway and identity recognition system

Publications (2)

Publication Number Publication Date
CN111385274A CN111385274A (en) 2020-07-07
CN111385274B true CN111385274B (en) 2022-07-01

Family

ID=71221106

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811644353.XA Active CN111385274B (en) 2018-12-29 2018-12-29 Cross-network service calling method and device, feature gateway and identity recognition system

Country Status (1)

Country Link
CN (1) CN111385274B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111858488B (en) * 2020-07-15 2023-02-17 广东东升信息技术有限公司 File storage access system and method based on big data
CN112241444B (en) * 2020-09-16 2023-08-01 四川天翼网络股份有限公司 Important population management and control platform based on railway traffic information
CN112241829A (en) * 2020-09-16 2021-01-19 四川天翼网络服务有限公司 Important population comparison method based on railway traffic information
CN115549966A (en) * 2022-08-25 2022-12-30 支付宝(杭州)信息技术有限公司 Security audit method and device for service request

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102611683A (en) * 2011-12-14 2012-07-25 上海聚力传媒技术有限公司 Method, device, equipment and system for executing third-party authentication
CN103052064A (en) * 2011-10-13 2013-04-17 中国移动通信集团公司 Method, equipment and system for accessing private services of operator
CN104156681A (en) * 2014-07-28 2014-11-19 上海辰锐信息科技公司 Identity recognition system
WO2016109135A1 (en) * 2014-12-31 2016-07-07 Motorola Solutions, Inc. Method and apparatus for device collaboration via a hybrid network
CN110166982A (en) * 2019-05-29 2019-08-23 深圳成谷科技有限公司 A kind of switching method and Related product of bus or train route contract network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103052064A (en) * 2011-10-13 2013-04-17 中国移动通信集团公司 Method, equipment and system for accessing private services of operator
CN102611683A (en) * 2011-12-14 2012-07-25 上海聚力传媒技术有限公司 Method, device, equipment and system for executing third-party authentication
CN104156681A (en) * 2014-07-28 2014-11-19 上海辰锐信息科技公司 Identity recognition system
WO2016109135A1 (en) * 2014-12-31 2016-07-07 Motorola Solutions, Inc. Method and apparatus for device collaboration via a hybrid network
CN110166982A (en) * 2019-05-29 2019-08-23 深圳成谷科技有限公司 A kind of switching method and Related product of bus or train route contract network

Also Published As

Publication number Publication date
CN111385274A (en) 2020-07-07

Similar Documents

Publication Publication Date Title
CN111385274B (en) Cross-network service calling method and device, feature gateway and identity recognition system
US9197639B2 (en) Method for sharing data of device in M2M communication and system therefor
CN110800331B (en) Network verification method, related equipment and system
CN1943203B (en) For the first mark of verifying entity and the method for the second mark
US7869815B2 (en) Location system with enhanced security
US9231763B2 (en) System and method for providing a multi-credential authentication protocol
CN110213223B (en) Service management method, device, system, computer equipment and storage medium
EP2648392A1 (en) Application programming interface routing system and method of operating the same
CN111246477B (en) Access method, terminal, micro base station and access system
CN107809776B (en) Information processing method, device and network system
KR20160037213A (en) Processing electronic tokens
CN112953745B (en) Service calling method, system, computer device and storage medium
US9369873B2 (en) Network application function authorisation in a generic bootstrapping architecture
CN112770380B (en) Specific absorption rate parameter adjusting method, specific absorption rate parameter adjusting device, computer equipment and storage medium
CN111356090B (en) Networking method of network, device thereof, terminal and computer readable storage medium
CN106685914B (en) Information verification method, server and client
CN114697945B (en) Method and device for generating discovery response message and method for processing discovery message
JPH11510019A (en) Access restriction process for communication networks, communication systems and units for such systems
CN106487776B (en) Method, network entity and system for protecting machine type communication equipment
US20160183083A1 (en) User equipment and method for dynamic internet protocol multimedia subsystem (ims) registration
CN112994922B (en) Method and device for configuring identification
CN113630761B (en) Session management method and device and terminal
US11974131B2 (en) Systems and methods for seamless cross-application authentication
CN114679264B (en) Password generation method, device and storage medium
US11647017B2 (en) Subscriber identity management

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant