CN111447132B - Data transmission method, device, system and computer storage medium - Google Patents


Info

Publication number
CN111447132B
Authority
CN
China
Prior art keywords
data packet
target
server
client
application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010182956.3A
Other languages
Chinese (zh)
Other versions
CN111447132A (en
Inventor
陈华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Cubesili Information Technology Co Ltd
Original Assignee
Guangzhou Cubesili Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Cubesili Information Technology Co Ltd filed Critical Guangzhou Cubesili Information Technology Co Ltd
Priority to CN202010182956.3A priority Critical patent/CN111447132B/en
Publication of CN111447132A publication Critical patent/CN111447132A/en
Application granted granted Critical
Publication of CN111447132B publication Critical patent/CN111447132B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4633 Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/029 Firewall traversal, e.g. tunnelling or, creating pinholes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/168 Implementing security features at a particular protocol layer above the transport layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a data transmission method and belongs to the technical field of networks. The method comprises the following steps: the server obtains routing configuration information and sends it to the client; the client establishes, with the server, a tunnel connection corresponding to a target application according to the routing configuration information and a target data packet of the target application in at least one hybrid application; the client sends the target data packet to the server through the tunnel connection; the server forwards the target data packet to an intranet server corresponding to the target data packet, and sends a response data packet of the intranet server to the client through the tunnel connection; and the client sends the response data packet to the target hybrid application. The method can establish a tunnel connection corresponding to each hybrid application between the client and the server and send data packets through that tunnel connection, so that security is high. This solves the problem of low security in the data transmission process of the related art and improves the security of data transmission.

Description

Data transmission method, device, system and computer storage medium
Technical Field
The present application relates to the field of network technologies, and in particular, to a data transmission method, apparatus, system, and computer storage medium.
Background
A hybrid application (Hybrid App) is an application that combines a native application (Native App) and a web application (Web App), and has the characteristics of both.
A data transmission system comprises a client and a Virtual Private Network (VPN) server, wherein a plurality of hybrid applications run in the client. When a hybrid application is to communicate with an intranet server, the hybrid application may send the data packet to the VPN server, and the VPN server directly sends the data packet to the intranet server.
However, the security of the above-described data transmission process is low.
Disclosure of Invention
The embodiment of the application provides a data transmission method, a data transmission device, a data transmission system and a computer storage medium. The technical scheme is as follows:
in one aspect of the present application, a data transmission method is provided, where the data transmission method is used in a data transmission system, where the data transmission system includes a client and a server, and at least one hybrid application runs in the client, and the method includes:
the server side obtains routing configuration information and sends the routing configuration information to the client side;
the client establishes tunnel connection corresponding to the target application with the server according to the routing configuration information and a target data packet of the target application in the at least one hybrid application;
the client side sends the target data packet to the server side through the tunnel connection;
the server side forwards the target data packet to an intranet server corresponding to the target data packet;
the server side sends a response data packet of the intranet server to the client side through the tunnel connection;
and the client sends the response data packet to the target hybrid application.
In another aspect of the present application, a data transmission method is provided for a client, in which at least one hybrid application runs, and the method includes:
receiving routing configuration information;
acquiring a target data packet of a target application in the at least one hybrid application;
establishing tunnel connection corresponding to the target application with a server corresponding to the target application according to the routing configuration information and the target data packet;
the target data packet is sent to the server through the tunnel connection, and the server is used for sending the target data packet to an intranet server corresponding to the target application and receiving a response data packet fed back by the intranet server;
receiving a response data packet fed back by the server according to the target data packet through the tunnel connection;
and sending the response data packet to the target application.
Optionally, there are at least two hybrid applications in the client, and before the tunnel connection corresponding to the target application is established with the server according to the routing configuration information and the target data packet, the method further includes:
generating at least two virtual network cards, wherein a target virtual network card in the at least two virtual network cards corresponds to the target application;
the sending the target data packet to the server through the tunnel connection includes:
and sending the target data packet from the tunnel connection to the server side through the target virtual network card.
Optionally, the receiving, through the tunnel connection, a response packet fed back by the server according to the target packet includes:
and receiving a response data packet fed back by the server according to the target data packet from the tunnel connection through the target virtual network card.
Optionally, the obtaining a destination data packet of a target application in the at least one hybrid application includes:
acquiring a destination data packet of one application in the at least one hybrid application;
and determining the target application corresponding to the target data packet according to the destination Internet Protocol (IP) address of the target data packet.
Optionally, the establishing, according to the routing configuration information and the target data packet, a tunnel connection corresponding to the target application with the server includes:
and establishing an encrypted tunnel connection corresponding to the target application with the server side according to the routing configuration information and the target data packet.
In another aspect of the present application, a data transmission method is provided, where the data transmission method is used for a server, and the method includes:
acquiring route configuration information;
sending the routing configuration information to the client;
establishing a tunnel connection corresponding to a target application in the at least one hybrid application with the client;
receiving a target data packet of the target application sent by the client through the tunnel connection;
sending the target data packet to an intranet server corresponding to the target application;
receiving a response data packet fed back by the intranet server;
and sending the response data packet to the client through the tunnel connection.
Optionally, before sending the target data packet to the intranet server corresponding to the target application, the method further includes:
authenticating the target data packet;
and when the authentication is passed, executing the step of sending the target data packet to the intranet server corresponding to the target application.
In another aspect of the application, there is provided a data transmission apparatus comprising a processor and a memory, the memory having stored therein at least one instruction, at least one program, set of codes, or set of instructions, which is loaded and executed by the processor to implement any of the data transmission methods described above.
In another aspect of the present application, there is provided a computer storage medium having at least one instruction, at least one program, set of codes, or set of instructions stored therein, which is loaded and executed by a processor to implement any of the data transmission methods described above.
In another aspect of the present application, a data transmission system is provided, where the data transmission system includes a client and a server, and the client and the server may include the data transmission apparatus described above.
The technical scheme provided by the embodiment of the application has the following beneficial effects:
When a client communicates with an intranet server connected to the server, a tunnel connection corresponding to each hybrid application can be established between the client and the server, and data packets can be sent through that tunnel connection. Data packets are thereby delivered to the intranet server with higher security. This solves the problem of low security in the data transmission process of the related art and improves the security of data transmission.
Drawings
To illustrate the technical solutions in the embodiments of the present application more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present application, and those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic illustration of an implementation environment to which embodiments of the present application relate;
Fig. 2 is a schematic structural diagram of a data transmission method according to an embodiment of the present application;
Fig. 3 is a schematic structural diagram of another data transmission method provided in an embodiment of the present application;
Fig. 4 is a schematic structural diagram of another data transmission method provided in the embodiment of the present application;
Fig. 5 is a schematic structural diagram of another data transmission method provided in the embodiment of the present application;
Fig. 6 is a block diagram of a client in the data transmission method according to the embodiment of the present application;
Fig. 7 is a block diagram of a server in the data transmission method according to the embodiment of the present application;
Fig. 8 is a block diagram of a data transmission system according to an embodiment of the present application;
Fig. 9 is a block diagram illustrating a structure of a data transmission apparatus according to an embodiment of the present application;
Fig. 10 is a schematic structural diagram of another data transmission device provided in an embodiment of the present application;
Fig. 11 is a schematic structural diagram of a data transmission device according to an embodiment of the present application;
Fig. 12 is a schematic structural diagram of a data transmission device according to an embodiment of the present application.
With the above figures, there are shown specific embodiments of the present application, which will be described in more detail below. These drawings and written description are not intended to limit the scope of the inventive concepts in any manner, but rather to illustrate the inventive concepts to those skilled in the art by reference to specific embodiments.
Detailed Description
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
At present, although each hybrid application in a client can guarantee service logic isolation, data isolation on a network layer cannot be guaranteed, and theoretically, the problem of data leakage among different hybrid applications still exists.
Fig. 1 is a schematic diagram of an implementation environment provided by an embodiment of the present application. The implementation environment may include a server 11 and a client 12.
The server 11 may be one end that provides data services for clients. The server may be connected to an intranet server (not shown in fig. 1).
The client 12 may be a terminal providing a service for a user, and the client may operate in a terminal, which may be a mobile phone, a tablet computer, a notebook computer, an intelligent wearable device, or other various terminals with a conversation function. The client 12 may be connected to the server by wire or wirelessly (fig. 1 shows a case where the connection is made wirelessly). At least one hybrid application may be running in the client 12.
As shown in fig. 2, which is a schematic structural diagram of a data transmission method provided in the embodiment of the present application, the data transmission method may be used in a client and a server. The data transmission method can comprise the following steps:
Step 201, the server obtains the routing configuration information and sends the routing configuration information to the client.
Step 202, the client establishes a tunnel connection corresponding to the target application with the server according to the routing configuration information and the target data packet of the target application in the at least one hybrid application.
Step 203, the client sends the target data packet to the server through the tunnel connection.
Step 204, the server forwards the target data packet to an intranet server corresponding to the target data packet.
Step 205, the server sends the response data packet of the intranet server to the client through the tunnel connection.
Step 206, the client sends the response data packet to the target hybrid application.
In summary, in the data transmission method provided in the embodiment of the present application, when the client communicates with the intranet server connected to the server, a tunnel connection corresponding to each hybrid application can be established between the client and the server, and data packets can be sent through that tunnel connection. Data packets are thereby delivered to the intranet server with higher security. This solves the problem of low security in the data transmission process of the related art and improves the security of data transmission.
Fig. 3 is a schematic structural diagram of a data transmission method provided in an embodiment of the present application, where the data transmission method may be used in a client. The data transmission method can comprise the following steps:
Step 301, receiving routing configuration information.
Step 302, a destination data packet of a target application in at least one hybrid application is obtained.
Step 303, establishing, with the server corresponding to the target application, a tunnel connection corresponding to the target application according to the routing configuration information and the target data packet.
Step 304, sending the target data packet to the server through the tunnel connection, wherein the server is used for sending the target data packet to an intranet server corresponding to the target application and receiving a response data packet fed back by the intranet server.
Step 305, receiving, through the tunnel connection, a response data packet fed back by the server according to the target data packet.
Step 306, sending the response data packet to the target application.
In summary, in the data transmission method provided in the embodiment of the present application, when the client communicates with the intranet server connected to the server, a tunnel connection corresponding to each hybrid application can be established between the client and the server, and data packets can be sent through that tunnel connection. Data packets are thereby delivered to the intranet server with higher security. This solves the problem of low security in the data transmission process of the related art and improves the security of data transmission.
Fig. 4 is a schematic structural diagram of a data transmission method provided in the embodiment of the present application, where the data transmission method may be used in a server. The data transmission method can comprise the following steps:
Step 401, obtaining routing configuration information.
Step 402, sending the routing configuration information to the client.
Step 403, establishing a tunnel connection corresponding to the target application in the at least one hybrid application with the client.
Step 404, receiving a target data packet of the target application sent by the client through the tunnel connection.
Step 405, sending the target data packet to an intranet server corresponding to the target application.
Step 406, receiving a response data packet fed back by the intranet server.
Step 407, sending the response data packet to the client through the tunnel connection.
In summary, in the data transmission method provided in the embodiment of the present application, when the client communicates with the intranet server connected to the server, a tunnel connection corresponding to each hybrid application can be established between the client and the server, and data packets can be sent through that tunnel connection. Data packets are thereby delivered to the intranet server with higher security. This solves the problem of low security in the data transmission process of the related art and improves the security of data transmission.
Fig. 5 is a schematic structural diagram of a data transmission method provided in the embodiment of the present application, where the data transmission method may be used in a client and a server. The data transmission method can comprise the following steps:
Step 501, the server obtains the routing configuration information and sends the routing configuration information to the client.
The server may obtain the routing configuration information by self-learning through the Domain Name System (DNS), where the routing configuration information may include data such as a routing table and a DNS resolution table. In addition, an operator can enter the routing configuration information directly into the server.
Step 502, the client obtains a destination data packet of a target application in at least one hybrid application.
The number of the hybrid applications in the client may be multiple, and the client obtains a data packet of the multiple hybrid applications, where the data packet may include data that the hybrid application wants to send to an intranet server connected to the server. Wherein, the target application can be any application in the client.
Optionally, the process of the client acquiring the destination data packet may include the following two steps:
1) the client obtains a destination data packet of one of the at least one hybrid application.
The client can first obtain a destination data packet of the hybrid application in the client.
2) And the client determines the target application corresponding to the target data packet according to the target internet interconnection protocol address of the target data packet.
After obtaining the destination packet, the client may extract the destination Internet Protocol (IP) address in the destination packet to determine the target hybrid application corresponding to that destination IP address. In this way the client distinguishes the data packets and obtains the correspondence between data packets and hybrid applications.
Step 503, the client generates at least two virtual network cards, and a target virtual network card of the at least two virtual network cards corresponds to the target application.
The client can generate a virtual network card corresponding to the target application. After the virtual network card is generated, the client can configure a traffic policy according to the routing configuration information and use different network cards to transmit data according to that policy, so that the data of different hybrid applications is isolated and the security of data transmission is improved.
Step 504, the client establishes a tunnel connection corresponding to the target application with the server according to the routing configuration information and the target data packet of the target application in the at least one hybrid application.
The tunnel connection is implemented with tunneling technology: a data packet is encapsulated again when it enters the tunnel, and the encapsulated data packet is routed between the two endpoints of the tunnel over the public internet. The logical path that the encapsulated packet takes over the public internet is called a tunnel.
Alternatively, the tunnel connection may be an encrypted tunnel connection, which may be a tunnel connection encrypted using Secure Sockets Layer (SSL) protocol or other encryption protocol.
The client can establish a plurality of encrypted tunnel connections with the server through different virtual network cards, so that the data of different hybrid applications can be transmitted through different tunnel connections, which improves the transmission security of each hybrid application.
Step 505, the client sends the target data packet to the server from the tunnel connection through the target virtual network card.
The client may re-encapsulate the target packet according to the tunneling protocol, and then send the target packet to the server through the tunnel connection.
Step 506, the server side authenticates the target data packet.
After receiving the re-encapsulated target data packet through the tunnel connection, the server may decapsulate it and authenticate it. The authentication mode may refer to related technologies; for example, the packet may be authenticated through a user name and a password of the client, which is not limited in this embodiment of the present application.
Step 507, when the authentication is passed, the server sends the target data packet to an intranet server corresponding to the target application.
When the authentication is passed, the server may inject the destination packet into a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, and forward the destination packet to the intranet server through the TCP/IP stack. Alternatively, the server may also forward the destination data packet to the intranet server in other manners, which is not limited in this embodiment of the present application.
When the authentication fails, the client may discard the destination packet.
Step 508, the server sends the response data packet of the intranet server to the client through the tunnel connection.
After receiving the destination data packet, the intranet server may feed back a response data packet to the server according to the destination data packet, and the server may send the response data packet to the client through the tunnel connection.
For the client, the response data packet fed back by the server according to the target data packet can be received from the tunnel connection through the target virtual network card, so that the isolation of the data packets of different hybrid applications is ensured, and the security of data transmission is improved.
Step 509, the client sends the response packet to the target hybrid application.
After receiving the destination data packet, the client may transmit the destination data packet to the destination hybrid application according to the TCP/IP protocol stack.
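The flow of steps 501 to 509, modelled in Python as an added example that is not code from the patent: the client classifies each packet by destination IP, sends it over the tunnel of the matching hybrid application, and the server authenticates the frame before forwarding it. The prefixes, application names, JSON framing and the HMAC tag (a stand-in for the encrypted tunnel and for the authentication of step 506) are constructed assumptions, and the server's re-check that the destination belongs to the tunnel's application goes beyond the text to show how the isolation can be enforced server-side.

```python
import hashlib
import hmac
import ipaddress
import json
import secrets

# Constructed routing configuration (step 501): destination prefix -> hybrid app.
ROUTING_CONFIG = {
    "10.1.0.0/16": "app_a",
    "10.2.0.0/16": "app_b",
    "10.2.9.0/24": "app_c",  # more specific than app_b's prefix
}


def classify(dst_ip, routing_config=ROUTING_CONFIG):
    """Step 502: pick the hybrid app for a destination IP (longest prefix wins)."""
    addr = ipaddress.ip_address(dst_ip)
    best_len, best_app = -1, None
    for prefix, app in routing_config.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and net.prefixlen > best_len:
            best_len, best_app = net.prefixlen, app
    return best_app


def encapsulate(app, key, dst_ip, payload):
    """Step 505: wrap the packet for the app's tunnel and tag it with the tunnel key."""
    inner = json.dumps({"app": app, "dst": dst_ip, "data": payload.hex()}).encode()
    return hmac.new(key, inner, hashlib.sha256).digest() + inner


class Server:
    """Server side of steps 506-508, with constructed intranet servers."""

    def __init__(self, routing_config=ROUTING_CONFIG):
        self.routing_config = routing_config
        self.tunnel_keys = {}  # app -> key of the tunnel opened for that app
        self.intranet = {app: (lambda data, a=app: f"{a}:".encode() + data)
                         for app in set(routing_config.values())}

    def open_tunnel(self, app):
        """Step 504: one tunnel (here: one fresh key) per hybrid application."""
        key = secrets.token_bytes(32)
        self.tunnel_keys[app] = key
        return key

    def receive(self, tunnel_app, frame):
        """Return the intranet response, or None if the frame must not be forwarded."""
        key = self.tunnel_keys.get(tunnel_app)
        if key is None or len(frame) <= 32:
            return None
        tag, inner = frame[:32], frame[32:]
        # Step 506: authenticate the frame against the tunnel it arrived on.
        if not hmac.compare_digest(tag, hmac.new(key, inner, hashlib.sha256).digest()):
            return None
        packet = json.loads(inner)
        # Isolation check (assumption): the claimed app and the destination's route
        # must both match the tunnel, so app A's tunnel cannot reach app B's server.
        if packet["app"] != tunnel_app:
            return None
        if classify(packet["dst"], self.routing_config) != tunnel_app:
            return None
        # Steps 507-508: forward and return the response over the same tunnel.
        return self.intranet[tunnel_app](bytes.fromhex(packet["data"]))


class Client:
    """Client side: traffic identification plus one tunnel per hybrid application."""

    def __init__(self, server, routing_config=ROUTING_CONFIG):
        self.server = server
        self.routing_config = routing_config
        self.tunnels = {}  # app -> tunnel key (stands in for a virtual network card)

    def send(self, dst_ip, payload):
        app = classify(dst_ip, self.routing_config)
        if app is None:
            raise ValueError(f"no route for {dst_ip}")
        if app not in self.tunnels:
            self.tunnels[app] = self.server.open_tunnel(app)
        frame = encapsulate(app, self.tunnels[app], dst_ip, payload)
        return app, self.server.receive(app, frame)


def demo():
    server = Server()
    client = Client(server)
    results = [client.send(ip, b"ping") for ip in ("10.1.0.5", "10.2.0.5", "10.2.9.5")]
    # A frame on app_a's tunnel that names a destination routed to app_b is refused.
    crossed = encapsulate("app_a", client.tunnels["app_a"], "10.2.0.5", b"ping")
    results.append(("app_a->app_b", server.receive("app_a", crossed)))
    return results


if __name__ == "__main__":
    for app, response in demo():
        print(app, response)
```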
Fig. 6 is a block diagram of a client in the data transmission method according to the embodiment of the present application. The hybrid application a, the hybrid application B, and the hybrid application C may be run in the client through the hybrid container. In addition, the client also comprises a virtual network card, a flow identification module, a data encryption module and a tunnel management module.
The virtual network card may be configured to forward data packets of different hybrid applications, the traffic identification module may identify the hybrid application corresponding to the data packet according to the data packet, and the tunnel management module may be configured to establish a tunnel connection and manage the tunnel connection.
Fig. 7 is a block diagram of a system structure of a server in the data transmission method according to the embodiment of the present application. The server can comprise a tunnel management module, an access authentication module, a data encryption and decryption module, a route forwarding service module, a configuration service module and a DNS learning module. The tunnel management module can be used for establishing and managing tunnel connections. The access authentication module can be used for authenticating a data packet sent by a hybrid application. The data encryption and decryption module can be used for decrypting and encrypting the data packets transmitted in the encrypted tunnel connection. The configuration service module is used for acquiring routing configuration information, and the DNS learning module can be used for acquiring the configuration information by DNS learning. The route forwarding service module can send the data flows of application A, application B and application C respectively to the core routing module, and the core routing module can be connected with intranet server A, intranet server B and intranet server C. The core routing module can send the data of different hybrid applications to different intranet servers.
Fig. 8 is a block diagram of a data transmission system formed by a client and a server in a data transmission method according to an embodiment of the present application. The client may include an application layer, a network layer, and a tunnel layer, where the intranet application in the application layer may include a hybrid application. The network layer can comprise a local VPN service module, a traffic identification module and a traffic policy management module, and the tunnel layer can comprise a tunnel policy management module, a tunnel management module and a data encryption and decryption module.
The server can include a service layer, a network layer and a tunnel layer, wherein the service layer includes a DNS service module and an application service module, the network layer includes an intranet forwarding module, an Access Control List (ACL) policy module and an access authentication module, and the tunnel layer includes a tunnel policy management module, a tunnel management module and a data encryption and decryption module. An encrypted tunnel connection can be established between the tunnel layer of the server and the tunnel layer of the client, and this connection can carry the data transmission of the hybrid applications.
It should be noted that, the order of the steps of the data transmission method provided in the embodiment of the present application may be appropriately adjusted, and the steps may also be increased or decreased according to the circumstances, and any method that can be easily conceived by a person skilled in the art within the technical scope disclosed in the present application shall be included in the protection scope of the present application, and therefore, the details are not described again.
To sum up, in the data transmission method provided in the embodiment of the present application, when the client communicates with the intranet server connected to the server, a tunnel connection corresponding to each hybrid application may be established between the client and the server, and the data packet may be sent through the tunnel connection. This realizes the function of sending the data packet to the intranet server with higher security. The problem of low security of the data transmission process in the related art is solved, and the effect of improving the security of data transmission is achieved.
Fig. 9 is a schematic structural diagram of a data transmission device according to an embodiment of the present application, where the data transmission device may be partially or wholly incorporated in a client. The data transmission apparatus 900 may include:
A receiving module 910, configured to receive the routing configuration information.
An obtaining module 920, configured to obtain a target data packet of a target application in at least one hybrid application.
A first tunnel establishing module 930, configured to establish, with the server corresponding to the target application, a tunnel connection corresponding to the target application according to the routing configuration information and the target data packet.
A data packet sending module 940, configured to send the target data packet to the server through the tunnel connection, where the server is configured to send the target data packet to an intranet server corresponding to the target application, and receive a response data packet fed back by the intranet server.
A response receiving module 950, configured to receive, through the tunnel connection, a response data packet fed back by the server according to the target data packet.
A response forwarding module 960, configured to send the response data packet to the target application.
To sum up, the data transmission device provided in this embodiment of the present application can establish a tunnel connection corresponding to each hybrid application between the client and the server when the client communicates with the intranet server connected to the server, and send a data packet through the tunnel connection. This realizes the function of sending the data packet to the intranet server with higher security. The problem of low security of the data transmission process in the related art is solved, and the effect of improving the security of data transmission is achieved.
Fig. 10 is a schematic structural diagram of a data transmission device according to an embodiment of the present application, where the data transmission device may be partially or wholly incorporated in a server. The data transmission apparatus 1000 may include:
A policy obtaining module 1010, configured to obtain the routing configuration information.
A policy sending module 1020, configured to send the routing configuration information to the client.
A second tunnel establishing module 1030, configured to establish a tunnel connection corresponding to a target application in the at least one hybrid application with the client.
A data packet receiving module 1040, configured to receive, through the tunnel connection, a target data packet of the target application sent by the client.
A data packet forwarding module 1050, configured to send the target data packet to the intranet server corresponding to the target application.
A response receiving module 1060, configured to receive a response data packet fed back by the intranet server.
A response sending module 1070, configured to send the response data packet to the client through the tunnel connection.
To sum up, the data transmission device provided in this embodiment of the present application can establish a tunnel connection corresponding to each hybrid application between the client and the server when the client communicates with the intranet server connected to the server, and send a data packet through the tunnel connection. This realizes the function of sending the data packet to the intranet server with higher security. The problem of low security of the data transmission process in the related art is solved, and the effect of improving the security of data transmission is achieved.
In another aspect of the application, there is provided a data transmission apparatus comprising a processor and a memory, the memory having stored therein at least one instruction, at least one program, set of codes, or set of instructions, the at least one instruction, the at least one program, set of codes, or set of instructions being loaded and executed by the processor to implement the data transmission method described above.
Fig. 11 is a schematic structural diagram of a data transmission device according to an embodiment of the present application. The data transmission device 1100 may be a server.
In general, the data transmission apparatus 1100 includes: a processor 1101 and a memory 1102.
Processor 1101 may include one or more processing cores, such as a 5-core processor, an 8-core processor, or the like. The processor 1101 may be implemented in at least one hardware form selected from Digital Signal Processing (DSP), field-programmable gate array (FPGA), and Programmable Logic Array (PLA). The processor 1101 may also include a main processor and a coprocessor, where the main processor is a processor for processing data in an awake state, and is also called a Central Processing Unit (CPU); a coprocessor is a low power processor for processing data in a standby state. In some embodiments, the processor 1101 may be integrated with a Graphics Processing Unit (GPU) that is responsible for rendering and drawing the content that the display screen needs to display. In some embodiments, processor 1101 may also include an Artificial Intelligence (AI) processor for processing computational operations related to machine learning.
Memory 1102 may include one or more computer-readable storage media, which may be non-transitory. Memory 1102 can also include high-speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in memory 1102 is used to store at least one instruction for execution by processor 1101 to implement the data transmission methods provided by the method embodiments of the present application.
In some embodiments, the data transmission apparatus 1100 may further include: a peripheral interface 1103 and at least one peripheral. The processor 1101, memory 1102 and peripheral interface 1103 may be connected by a bus or signal lines. Various peripheral devices may be connected to the peripheral interface 1103 by buses, signal lines, or circuit boards. Specifically, the peripheral device includes: at least one of radio frequency circuitry 1104, touch display screen 1105, camera assembly 1106, audio circuitry 1107, positioning component 1108, and power supply 1109.
The peripheral interface 1103 may be used to connect at least one input/output (I/O) related peripheral to the processor 1101 and the memory 1102. In some embodiments, the processor 1101, memory 1102, and peripheral interface 1103 are integrated on the same chip or circuit board; in some other embodiments, any one or two of the processor 1101, the memory 1102 and the peripheral device interface 1103 may be implemented on separate chips or circuit boards, which is not limited by this embodiment.
The radio frequency circuit 1104 is used to receive and transmit Radio Frequency (RF) signals, also known as electromagnetic signals. The radio frequency circuit 1104 communicates with communication networks and other communication devices via electromagnetic signals. The radio frequency circuit 1104 converts an electric signal into an electromagnetic signal to transmit, or converts a received electromagnetic signal into an electric signal. Optionally, the radio frequency circuit 1104 includes: an antenna system, an RF transceiver, one or more amplifiers, a tuner, an oscillator, a digital signal processor, a codec chipset, a subscriber identity module card, and so forth. The radio frequency circuit 1104 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocols include, but are not limited to: metropolitan area networks, various generation mobile communication networks (2G, 3G, 4G, and 5G), wireless local area networks, and/or wireless fidelity (WiFi) networks. In some embodiments, the rf circuit 1104 may further include a Near Field Communication (NFC) related circuit, which is not limited in this application.
The display screen 1105 is used to display a User Interface (UI). The UI may include graphics, text, icons, video, and any combination thereof. When the display screen 1105 is a touch display screen, the display screen 1105 also has the ability to capture touch signals on or over its surface. The touch signal may be input to the processor 1101 as a control signal for processing. In this case, the display screen 1105 may also be used to provide virtual buttons and/or a virtual keyboard, also referred to as soft buttons and/or a soft keyboard. In some embodiments, there may be one display screen 1105, disposed on the front panel of the data transmission device 1100; in other embodiments, there may be at least two display screens 1105, respectively disposed on different surfaces of the data transmission device 1100 or in a folded design; in still other embodiments, the display screen 1105 may be a flexible display disposed on a curved surface or a folded surface of the data transmission device 1100. Furthermore, the display screen 1105 may be arranged in a non-rectangular irregular shape, i.e., a shaped screen. The display screen 1105 may be made of materials such as Liquid Crystal Display (LCD) or organic light-emitting diode (OLED).
Camera assembly 1106 is used to capture images or video. Optionally, camera assembly 1106 includes a front camera and a rear camera. Generally, a front camera is disposed on a front panel of the data transmission device, and a rear camera is disposed on a rear surface of the data transmission device. In some embodiments, the number of the rear cameras is at least two, and each of the rear cameras is any one of a main camera, a depth-of-field camera, a wide-angle camera and a telephoto camera, so that the main camera and the depth-of-field camera are fused to realize a background blurring function, and the main camera and the wide-angle camera are fused to realize a panoramic shooting function and a Virtual Reality (VR) shooting function or other fusion shooting functions. In some embodiments, camera assembly 1106 may also include a flash. The flash may be a single-color-temperature flash or a dual-color-temperature flash. A dual-color-temperature flash is a combination of a warm-light flash and a cold-light flash, and can be used for light compensation at different color temperatures.
The audio circuitry 1107 may include a microphone and a speaker. The microphone is used for collecting sound waves from the user and the environment, converting the sound waves into electric signals, and inputting the electric signals to the processor 1101 for processing or to the radio frequency circuit 1104 to achieve voice communication. A plurality of microphones may be provided at different portions of the data transmission device 1100 for stereo sound collection or noise reduction purposes. The microphone may also be an array microphone or an omni-directional pick-up microphone. The speaker is used to convert electrical signals from the processor 1101 or the radio frequency circuit 1104 into sound waves. The speaker can be a traditional film speaker or a piezoelectric ceramic speaker. When the speaker is a piezoelectric ceramic speaker, it can convert an electric signal into a sound wave audible to a human being, or convert an electric signal into a sound wave inaudible to a human being for purposes such as measuring a distance. In some embodiments, the audio circuitry 1107 may also include a headphone jack.
The positioning component 1108 is used to locate the current geographic position of the data transmission device 1100 for navigation or Location Based Services (LBS). The positioning component 1108 may be a positioning component based on the Global Positioning System (GPS) of the United States, the BeiDou system of China, the GLONASS system of Russia, or the Galileo system of the European Union.
The power supply 1109 is used to supply power to the various components in the data transmission device 1100. The power supply 1109 may be alternating current, direct current, disposable or rechargeable. When the power supply 1109 includes a rechargeable battery, the rechargeable battery may support wired or wireless charging. The rechargeable battery may also be used to support fast charge technology.
In some embodiments, the data transfer device 1100 also includes one or more sensors 1110. The one or more sensors 1110 include, but are not limited to: acceleration sensor 1111, gyro sensor 1112, pressure sensor 1113, fingerprint sensor 1114, optical sensor 1115, and proximity sensor 1116.
The acceleration sensor 1111 may detect the magnitude of acceleration on three coordinate axes of the coordinate system established with the data transmission apparatus 1100. For example, the acceleration sensor 1111 may be configured to detect components of the gravitational acceleration in three coordinate axes. The processor 1101 may control the touch display screen 1105 to display a user interface in a landscape view or a portrait view according to the gravitational acceleration signal collected by the acceleration sensor 1111. The acceleration sensor 1111 may also be used for acquisition of motion data of a game or a user.
The gyro sensor 1112 may detect a body direction and a rotation angle of the data transmission apparatus 1100, and the gyro sensor 1112 may cooperate with the acceleration sensor 1111 to acquire a 3D motion of the user with respect to the data transmission apparatus 1100. From the data collected by gyroscope sensor 1112, processor 1101 may implement the following functions: motion sensing (such as changing the UI according to a user's tilting operation), image stabilization at the time of photographing, game control, and inertial navigation.
The pressure sensor 1113 may be disposed on a side bezel of the data transfer device 1100 and/or on an underlying layer of the touch screen 1105. When the pressure sensor 1113 is disposed on the side frame of the data transmission device 1100, the holding signal of the user to the data transmission device 1100 can be detected, and the processor 1101 performs left-right hand recognition or shortcut operation according to the holding signal collected by the pressure sensor 1113. When the pressure sensor 1113 is disposed at the lower layer of the touch display screen 1105, the processor 1101 controls the operability control on the UI interface according to the pressure operation of the user on the touch display screen 1105. The operability control comprises at least one of a button control, a scroll bar control, an icon control and a menu control.
The fingerprint sensor 1114 is configured to collect a fingerprint of the user, and the processor 1101 identifies the user according to the fingerprint collected by the fingerprint sensor 1114, or the fingerprint sensor 1114 identifies the user according to the collected fingerprint. Upon recognizing that the user's identity is a trusted identity, the processor 1101 authorizes the user to perform relevant sensitive operations, including unlocking the screen, viewing encrypted information, downloading software, making payments, changing settings, and the like. The fingerprint sensor 1114 may be disposed on the front, back, or side of the data transmission device 1100. When a physical key or a vendor logo is provided on the data transmission device 1100, the fingerprint sensor 1114 may be integrated with the physical key or the vendor logo.
Optical sensor 1115 is used to collect ambient light intensity. In one embodiment, the processor 1101 may control the display brightness of the touch display screen 1105 based on the ambient light intensity collected by the optical sensor 1115. Specifically, when the ambient light intensity is high, the display brightness of the touch display screen 1105 is increased; when the ambient light intensity is low, the display brightness of the touch display screen 1105 is turned down. In another embodiment, processor 1101 may also dynamically adjust the shooting parameters of camera assembly 1106 based on the ambient light intensity collected by optical sensor 1115.
The proximity sensor 1116, also referred to as a distance sensor, is typically disposed on the front panel of the data transmission device 1100. The proximity sensor 1116 is used to capture the distance between the user and the front of the data transmission device 1100. In one embodiment, the touch display screen 1105 is controlled by the processor 1101 to switch from a bright screen state to a dark screen state when the proximity sensor 1116 detects that the distance between the user and the front face of the data transmission device 1100 is gradually decreasing; when the proximity sensor 1116 detects that the distance between the user and the front surface of the data transmission device 1100 is gradually increasing, the touch display screen 1105 is controlled by the processor 1101 to switch from the dark screen state to the bright screen state.
Those skilled in the art will appreciate that the configuration shown in fig. 11 does not constitute a limitation of the data transfer device 1100, and may include more or fewer components than those shown, or combine certain components, or employ a different arrangement of components.
Referring to Fig. 12, a schematic structural diagram of a data transmission apparatus 1200 according to an embodiment of the present application is shown, where the data transmission apparatus 1200 may be a server. Illustratively, as shown in Fig. 12, the apparatus 1200 includes a Central Processing Unit (CPU) 1201, a memory 1202, and a system bus 1203 connecting the memory 1202 and the central processing unit 1201. The memory 1202 may include a computer-readable medium (not shown) such as a hard disk or CD-ROM drive.
Without loss of generality, computer-readable storage media may comprise computer storage media and communication media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes RAM, ROM, EPROM, EEPROM, flash memory or other solid state memory technology, CD-ROM, DVD, or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices. Of course, those skilled in the art will appreciate that computer storage media is not limited to the foregoing.
The memory 1202 further includes one or more programs, and the one or more programs are stored in the memory and configured to be executed by the CPU to implement the method provided by the embodiment of the present disclosure.
Embodiments of the present application further provide a computer storage medium having at least one instruction, at least one program, code set, or instruction set stored therein, where the at least one instruction, the at least one program, code set, or instruction set is loaded and executed by a processor to implement any one of the data transmission methods described above.
The data transmission system in the embodiment of the present application includes a client and a server, where the client may include the data transmission device shown in fig. 11, and the server may include the data transmission device shown in fig. 12.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only exemplary of the present application and should not be taken as limiting, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims (10)

1. A data transmission method, used in a data transmission system, where the data transmission system includes a client and a server, and at least one hybrid application runs in the client, and the method includes:
the server side obtains routing configuration information and sends the routing configuration information to the client side;
the client establishes tunnel connection corresponding to the target application with the server according to the routing configuration information and a target data packet of the target application in the at least one hybrid application;
the client side sends the target data packet to the server side through the tunnel connection;
the server side forwards the target data packet to an intranet server corresponding to the target data packet;
the server side sends a response data packet of the intranet server to the client side through the tunnel connection;
and the client sends the response data packet to the target application.
2. A data transmission method for a client in which at least one hybrid application runs, the method comprising:
receiving routing configuration information;
acquiring a target data packet of a target application in the at least one hybrid application;
establishing tunnel connection corresponding to the target application with a server corresponding to the target application according to the routing configuration information and the target data packet;
sending the target data packet to the server through the tunnel connection, wherein the server is configured to send the target data packet to an intranet server corresponding to the target application and to receive a response data packet fed back by the intranet server;
receiving a response data packet fed back by the server according to the target data packet through the tunnel connection;
and sending the response data packet to the target application.
3. The method according to claim 2, wherein there are at least two hybrid applications in the client, and before the tunnel connection corresponding to the target application is established with the server according to the routing configuration information and the target packet, the method further comprises:
generating at least two virtual network cards, wherein a target virtual network card in the at least two virtual network cards corresponds to the target application;
the sending the target data packet to the server through the tunnel connection includes:
and sending the target data packet from the tunnel connection to the server side through the target virtual network card.
4. The method of claim 2, wherein obtaining the target data packet of the target application of the at least one hybrid application comprises:
acquiring a target data packet of one application in the at least one hybrid application;
and determining the target application corresponding to the target data packet according to the target Internet Protocol (IP) address of the target data packet.
5. The method according to claim 2, wherein the establishing a tunnel connection corresponding to the target application with the server according to the routing configuration information and the target packet comprises:
and establishing an encrypted tunnel connection corresponding to the target application with the server side according to the routing configuration information and the target data packet.
6. A data transmission method, used for a server, the method comprising:
acquiring routing configuration information;
sending the routing configuration information to a client;
establishing tunnel connection corresponding to a target application in at least one hybrid application with the client;
receiving a target data packet of the target application sent by the client through the tunnel connection;
sending the target data packet to an intranet server corresponding to the target application;
receiving a response data packet fed back by the intranet server;
and sending the response data packet to the client through the tunnel connection.
7. The method according to claim 6, wherein before sending the target data packet to the intranet server corresponding to the target application, the method further comprises:
authenticating the target data packet;
and when the authentication is passed, executing the step of sending the target data packet to the intranet server corresponding to the target application.
8. A data transmission apparatus comprising a processor and a memory, said memory having stored therein at least one instruction, at least one program, set of codes, or set of instructions, said at least one instruction, said at least one program, set of codes, or set of instructions being loaded and executed by said processor to implement the method of any one of claims 2 to 5; and/or to implement the method of claim 6 or 7.
9. A computer storage medium having stored therein at least one instruction, at least one program, set of codes, or set of instructions, which is loaded and executed by a processor to implement the method of any one of claims 2 to 5; and/or to implement the method according to claim 6 or 7.
10. A data transmission system, characterized in that the data transmission system comprises a client and a server, the client and the server comprising the data transmission apparatus according to claim 8.
CN202010182956.3A 2020-03-16 2020-03-16 Data transmission method, device, system and computer storage medium Active CN111447132B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010182956.3A CN111447132B (en) 2020-03-16 2020-03-16 Data transmission method, device, system and computer storage medium

Publications (2)

Publication Number Publication Date
CN111447132A CN111447132A (en) 2020-07-24
CN111447132B true CN111447132B (en) 2021-12-21

Family

ID=71627569

Country Status (1)

Country Link
CN (1) CN111447132B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114448670B (en) * 2021-12-27 2023-06-23 天翼云科技有限公司 Data transmission method and device and electronic equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2264956A2 (en) * 2004-07-23 2010-12-22 Citrix Systems, Inc. Method for securing remote access to private networks
CN105491169A (en) * 2016-01-26 2016-04-13 苏州蜗牛数字科技股份有限公司 Data proxy method and system
CN105939312A (en) * 2015-08-26 2016-09-14 杭州迪普科技有限公司 Data transmission method and device
CN108566643A (en) * 2018-04-24 2018-09-21 深信服科技股份有限公司 APP access control methods, system, terminal device and storage medium
CN109412927A (en) * 2018-12-04 2019-03-01 新华三技术有限公司 A kind of more VPN data transmission methods, device and the network equipment
CN110324227A (en) * 2019-06-26 2019-10-11 厦门网宿有限公司 Data transmission method and vpn server in a kind of vpn server

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110166432B (en) * 2019-04-17 2023-10-17 平安科技(深圳)有限公司 Method for accessing intranet target service and method for providing intranet target service

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
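Research, Design and Implementation of a Dynamic P2P_VPN System; Wang Dan; China Master's Theses Full-text Database, Information Science and Technology Series; 20110315; full text *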

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20210111

Address after: 511442 3108, 79 Wanbo 2nd Road, Nancun Town, Panyu District, Guangzhou City, Guangdong Province

Applicant after: GUANGZHOU CUBESILI INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 511446 28th floor, block B1, Wanda Plaza, Wanbo business district, Nancun Town, Panyu District, Guangzhou City, Guangdong Province

Applicant before: GUANGZHOU HUADUO NETWORK TECHNOLOGY Co.,Ltd.

EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20200724

Assignee: GUANGZHOU HUADUO NETWORK TECHNOLOGY Co.,Ltd.

Assignor: GUANGZHOU CUBESILI INFORMATION TECHNOLOGY Co.,Ltd.

Contract record no.: X2021440000054

Denomination of invention: Data transmission method, device, system and computer storage medium

License type: Common License

Record date: 20210208

GR01 Patent grant