CN111598575B - Business process control method, business process control device, electronic equipment and readable storage medium - Google Patents
Business process control method, business process control device, electronic equipment and readable storage medium Download PDFInfo
- Publication number
- CN111598575B CN111598575B CN202010428039.9A CN202010428039A CN111598575B CN 111598575 B CN111598575 B CN 111598575B CN 202010428039 A CN202010428039 A CN 202010428039A CN 111598575 B CN111598575 B CN 111598575B
- Authority
- CN
- China
- Prior art keywords
- request
- service
- target
- flow control
- atomic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/405—Establishing or using transaction specific rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/20—Software design
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/31—Programming languages or programming paradigms
- G06F8/311—Functional or applicative languages; Rewrite languages
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/36—Software reuse
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/325—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
- G06Q20/3255—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks using mobile network messaging services for payment, e.g. SMS
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Economics (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Development Economics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present disclosure provides a business process control method, including: acquiring a request for requesting to process an atomic service in a service flow, wherein the service flow comprises N atomic services with a dependency relationship, and N is an integer greater than 1; obtaining a target flow control rule corresponding to the request from a configuration center, wherein K flow control rules are configured in the configuration center, and K is an integer greater than 1; and performing security check control on the request according to the target flow control rule. The disclosure also provides a business process control device, an electronic device and a computer readable storage medium.
Description
Technical Field
The present disclosure relates to the field of internet technology, and more particularly, to a business process control method, a business process control apparatus, an electronic device, and a computer-readable storage medium.
Background
As service functions become more and more abundant, service flows become more and more complex. Taking internet financial transaction as an example, transaction scenes and payment modes are becoming rich, transaction flows are becoming more complex, and developers write specific legal security check codes in a service implementation method of each transaction link to ensure the security of the transaction flows.
However, the related technology is adopted to carry out legal security check, security check codes to be maintained are more and more complex and heavy, and a large amount of manual code combing and modifying work is difficult to ensure transaction security and adapt to agile development and continuous delivery.
Disclosure of Invention
In view of this, the present disclosure provides a business process control method, a business process control apparatus, an electronic device, and a computer-readable storage medium.
One aspect of the present disclosure provides a business process control method, including: acquiring a request for requesting to process an atomic service in a service flow, wherein the service flow comprises N atomic services with a dependency relationship, and N is an integer greater than 1; obtaining a target flow control rule corresponding to the request from a configuration center, wherein K flow control rules are configured in the configuration center, and K is an integer greater than 1; and performing security check control on the request according to the target flow control rule.
According to an embodiment of the present disclosure, the target flow control rule includes a target traffic identification policy and a target flow control policy.
According to an embodiment of the present disclosure, the performing security check control on the request according to the target flow control rule includes: determining an atomic service type corresponding to the request according to the target service identification strategy; determining whether the request is legal or not according to the atomic service type corresponding to the request and the corresponding preamble link and the target flow control strategy; and executing business logic corresponding to the request under the condition that the request is legal.
According to an embodiment of the present disclosure, the determining, according to the target flow control policy, whether the request is legal or not according to the atomic service type and the corresponding preamble link corresponding to the request includes: searching M business processing links matched with the preamble link from the target flow control strategy, wherein M is an integer greater than or equal to 1; judging whether a target link exists in the M service processing links; wherein the target link contains an atomic service type corresponding to the request; when a target link exists in the M service processing links, determining that the request is legal; and when the target link does not exist in the M service processing links, determining that the request is illegal.
According to an embodiment of the present disclosure, the determining whether the target link exists in the M service processing links includes: for each service processing link, extending the repeatable sequence in the service processing link to obtain M extended service processing links; when any one of the M extended service processing links contains an atomic service type corresponding to the request, determining that a target link exists in the M service processing links; and when none of the M extended service processing links contains an atomic service type corresponding to the request, determining that a target link does not exist in the M service processing links.
According to an embodiment of the present disclosure, the above method further includes: identifying repeatable sequences in the preamble after executing service logic corresponding to the request; performing deduplication processing on the repeatable sequence in the preamble link; and adding the atomic service type corresponding to the request to the preamble link after the de-duplication processing to generate a new preamble link.
According to an embodiment of the present disclosure, the above method further includes: after executing the business logic corresponding to the request, judging whether the business logic is executed successfully or not; and in case of successful execution, identifying a repeatable sequence in the preamble.
According to an embodiment of the present disclosure, the obtaining, from the configuration center, the target flow control rule corresponding to the request includes: analyzing the request and determining a target resource address corresponding to the request; and obtaining the target flow control rule from the configuration center according to the target resource address corresponding to the request, wherein each flow control rule configured in the configuration center has a corresponding resource address.
According to an embodiment of the present disclosure, the target flow control rule includes a target service identification policy, and the obtaining the target flow control rule from the configuration center according to a target resource address corresponding to the request includes: acquiring a target service identification strategy corresponding to the target resource address from the configuration center according to the target resource address corresponding to the request; determining an identification field for identifying the service type according to the target service identification strategy; and determining the atomic service type corresponding to the request according to the identification field for identifying the service type.
Another aspect of the present disclosure provides a business process control apparatus, including: the first acquisition module is used for acquiring a request for requesting to process the atomic business in a business process, wherein the business process comprises N atomic businesses with a dependency relationship, and N is an integer greater than 1; a second obtaining module, configured to obtain, from a configuration center, a target flow control rule corresponding to the request, where the configuration center is configured with K flow control rules, where K is an integer greater than 1; and the control module is used for carrying out safety verification control on the request according to the target flow control rule.
Another aspect of the present disclosure provides an electronic device, comprising: one or more processors; and a memory for storing one or more instructions that, when executed by the one or more processors, cause the one or more processors to implement the method as described above.
Another aspect of the present disclosure provides a computer-readable storage medium storing computer-executable instructions that, when executed, are configured to implement a method as described above.
Another aspect of the present disclosure provides a computer program comprising computer executable instructions which when executed are for implementing a method as described above.
According to the embodiment of the disclosure, because the technical means of acquiring the request for requesting to process the atomic service in the service flow, then acquiring the target flow control rule corresponding to the request from the configuration center, and performing security check control on the request according to the target flow control rule is adopted, because the flow control logic can be abstracted into a set of general rule check logic through unified adjustment and dynamic configuration of the flow control rule by the configuration center, the decoupling of the service function logic and the flow control logic is realized independently of the code for realizing the service function, and the specific legal security check code does not need to be written in the service realization method of each service link. Therefore, the technical problems that the safety check codes to be maintained in the related technology are more and more complex and heavy, and a large number of manual operations for combing and modifying the codes are difficult to ensure the service safety and adapt to agile development and sustained delivery are at least partially overcome, and the technical effects of ensuring the service safety and adapting to agile development and sustained delivery are further achieved.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent from the following description of embodiments thereof with reference to the accompanying drawings in which:
FIG. 1 schematically illustrates an exemplary system architecture to which business process control methods and apparatus may be applied, according to embodiments of the present disclosure;
FIG. 2 schematically illustrates a flow chart of a business process control method according to an embodiment of the disclosure;
FIG. 3 schematically illustrates a schematic diagram of a business process according to an embodiment of the disclosure;
FIG. 4 schematically illustrates a flow chart for obtaining target flow control rules corresponding to a request from a configuration center, in accordance with an embodiment of the present disclosure;
FIG. 5 schematically illustrates a flow diagram for security check control of requests according to a target flow control rule, in accordance with an embodiment of the present disclosure;
FIG. 6 schematically illustrates a flow chart for determining whether a request is legitimate according to a target flow control policy based on the atomic traffic type and corresponding preamble link corresponding to the request, according to an embodiment of the disclosure;
FIG. 7 schematically illustrates a schematic diagram of a preconfigured plurality of flow control strategies in accordance with an embodiment of the present disclosure;
fig. 8 schematically illustrates a flowchart for determining whether a target link exists among M traffic handling links according to an embodiment of the present disclosure;
FIG. 9 schematically illustrates a flow chart of a business process control method according to another embodiment of the present disclosure;
FIG. 10 schematically illustrates a flow chart of a business process control method according to another embodiment of the present disclosure;
FIG. 11 schematically illustrates a block diagram of a business process control device according to an embodiment of the disclosure; and
fig. 12 schematically illustrates a block diagram of a computer system suitable for implementing the above-described method according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is only exemplary and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the present disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. In addition, in the following description, descriptions of well-known structures and techniques are omitted so as not to unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and/or the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It should be noted that the terms used herein should be construed to have meanings consistent with the context of the present specification and should not be construed in an idealized or overly formal manner.
Where expressions like at least one of "A, B and C, etc. are used, the expressions should generally be interpreted in accordance with the meaning as commonly understood by those skilled in the art (e.g.," a system having at least one of A, B and C "shall include, but not be limited to, a system having a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a formulation similar to at least one of "A, B or C, etc." is used, in general such a formulation should be interpreted in accordance with the ordinary understanding of one skilled in the art (e.g. "a system with at least one of A, B or C" would include but not be limited to systems with a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
The embodiment of the disclosure provides a business process control method and a business process control device. The business flow control method comprises the following steps: acquiring a request for requesting to process an atomic service in a service flow, wherein the service flow comprises N atomic services with a dependency relationship, and N is an integer greater than 1; obtaining target flow control rules corresponding to the requests from a configuration center, wherein K flow control rules are configured in the configuration center, and K is an integer greater than 1; and performing security check control on the request according to the target flow control rule.
Fig. 1 schematically illustrates an exemplary system architecture 100 in which business process control methods and apparatus may be applied, according to embodiments of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which embodiments of the present disclosure may be applied to assist those skilled in the art in understanding the technical content of the present disclosure, but does not mean that embodiments of the present disclosure may not be used in other devices, systems, environments, or scenarios.
As shown in fig. 1, a system architecture 100 according to this embodiment may include a terminal device 101, a network 102, and a server 103. Network 102 is the medium used to provide communication links between terminal device 101 and server 103. Network 102 may include various connection types, such as wired and/or wireless communication links, and the like.
A user can interact with the server 103 through the network 102 using the terminal device 101, send a request for requesting to process an atomic service in a service flow to the server 103, and receive a message or the like. Various communication client applications may be installed on the terminal device 101, such as shopping class applications, web browser applications, search class applications, instant messaging tools, mailbox clients and/or social platform software, to name a few.
The terminal device 101 may be a variety of electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablets, laptop and desktop computers, and the like.
The server 103 may be a server providing various services, such as a background management server (for example only) providing support for websites browsed by the user using the terminal device 101. The background management server may analyze and process the received data such as the user request, and feed back the processing result (e.g., the web page, information, or data obtained or generated according to the user request) to the terminal device. The server 103 may include a configuration center for uniformly adjusting and dynamically configuring flow control rules.
It should be noted that, the business process control method provided by the embodiment of the present disclosure may be generally executed by the server 103. Accordingly, the business process control device provided in the embodiments of the present disclosure may be generally disposed in the server 103. The business process control method provided by the embodiments of the present disclosure may also be performed by a server or a server cluster that is different from the server 103 and is capable of communicating with the terminal device 101 and/or the server 103. Accordingly, the business process control apparatus provided by the embodiments of the present disclosure may also be disposed in a server or a server cluster that is different from the server 103 and is capable of communicating with the terminal device 101 and/or the server 103.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Fig. 2 schematically illustrates a flow chart of a business process control method according to an embodiment of the present disclosure.
As shown in fig. 2, the method includes operations S201 to S203.
In operation S201, a request for requesting to process an atomic service in a service flow is acquired, where the service flow includes N atomic services having a dependency relationship, where N is an integer greater than 1.
According to an embodiment of the present disclosure, the request for requesting to process the atomic service in the service flow may be a request transmitted in an execution order of the service flow. According to the embodiment of the disclosure, the number N of atomic services included in different service flows may be the same or different.
Fig. 3 schematically shows a schematic diagram of a business process according to an embodiment of the disclosure.
As shown in fig. 3, the business process includes atomic businesses 1-4, where N is equal to 4. The atomic services 1 to 4 have a dependency relationship, in other words, the atomic services 1 to 4 have an execution sequence. For example, after successful atomic service 1 is executed, atomic service 2 can be executed in the execution order of the service flows. The request for requesting to process an atomic service in the service flow may be for requesting to process one of the atomic services, for example, request to process an atomic service 3, but at this time, the atomic service 1 and the atomic service 2 need to have been successfully executed. According to embodiments of the present disclosure, there are dependencies between requests for different atomic services.
Taking a business process as an example of a transaction process, current internet financial transactions are mostly implemented as business links formed by connecting a plurality of http requests in series. Requests concatenated on links tend to have dependencies.
For example, in a payment transaction: pre-checking- > sending short message for requesting verification code- > sending verification code- > paying flow segment, before "paying" request processing, it is necessary to confirm that short message has been verified successfully, before continuing to complete payment request.
In operation S202, a target flow control rule corresponding to the request is acquired from a configuration center, where K flow control rules are configured in the configuration center, and K is an integer greater than 1.
According to the embodiment of the disclosure, a developer may preset a plurality of flow control rules in a configuration center. The plurality of flow control rules can be embodied in a rule definition file of the configuration center, so that asset accumulation of business check logic is realized; a real-time and fine control mode is provided for new business process online and production emergency, which is beneficial to flexible online of production emergency and new business process; and convenience is provided for realizing the monitoring and data analysis according to the transaction scene. In addition, the configuration center configures the flow control rules, so that the checking rules of various business scenes can be intuitively accumulated, and the new business expansion or the adjustment of the old business can be facilitated.
According to the embodiments of the present disclosure, for achieving the purpose of decoupling the flow control rules and the service functions through the configuration center, an AOP (Aspect Oriented programming abbreviation, meaning plane-oriented programming) mechanism of a Spring framework (a software development framework for solving the complexity problem of software development) may be utilized, which is implemented through custom annotation and plane technology. In general, the service function corresponds to a resource address (i.e. an http address), and in order to perform flow control before or after executing the logic of the service function, a comment may be declared before the mapping method of the http address that needs to perform flow control, and custom program logic may be added to implement flow control.
For example, define a custom name annotation, declare the custom name annotation before the http address mapping method that needs to be flow controlled. And defining a tangent plane implementation class, defining a tangent point on a method for declaring annotation of a custom name, writing a tangent plane method for the tangent point to increase custom program logic before and after implementation logic of the http address mapping method, wherein the tangent plane method can be a method which can be realized by Spring tangent plane programming.
According to embodiments of the present disclosure, annotations for flow control of resource addresses may be pre-declared before the mapping methods of different resource addresses. When the target flow control rule corresponding to the request is acquired from the configuration center, the corresponding flow control rule can be searched according to the http address corresponding to the request.
In operation S203, security check control is performed on the request according to the target flow control rule.
According to embodiments of the present disclosure, for example, a request for processing an atomic service in a service flow may be validated according to a target flow control rule.
According to embodiments of the present disclosure, the configuration center may be a database, a distributed cache, a distributed file system, or other storage medium.
According to the embodiment of the disclosure, because the technical means of acquiring the request for requesting to process the atomic service in the service flow, then acquiring the target flow control rule corresponding to the request from the configuration center, and performing security check control on the request according to the target flow control rule is adopted, because the flow control logic can be abstracted into a set of general rule check logic through unified adjustment and dynamic configuration of the flow control rule by the configuration center, the decoupling of the service function logic and the flow control logic is realized independently of the code for realizing the service function, and the specific legal security check code does not need to be written in the service realization method of each service link. Therefore, the technical problems that the safety check codes to be maintained in the related technology are more and more complex and heavy, and a large number of manual operations for combing and modifying the codes are difficult to ensure the service safety and adapt to agile development and sustained delivery are at least partially overcome, and the technical effects of ensuring the service safety and adapting to agile development and sustained delivery are further achieved.
The method shown in fig. 2 is further described below with reference to fig. 4-10 in conjunction with the exemplary embodiment.
Fig. 4 schematically illustrates a flow chart of obtaining target flow control rules corresponding to a request from a configuration center according to an embodiment of the disclosure.
As shown in fig. 4, acquiring the target flow control rule corresponding to the request from the configuration center includes operations S401 to S402.
In operation S401, the request is parsed, and a target resource address corresponding to the request is determined.
In operation S402, a target flow control rule is obtained from a configuration center according to a target resource address corresponding to the request, wherein each flow control rule configured in the configuration center has a corresponding resource address.
Taking a "payment" request as an example, according to an embodiment of the present disclosure, a target resource address corresponding to the "payment" request is: resource address 1. The target flow control rule may be obtained from the configuration center based on resource address 1.
According to an embodiment of the present disclosure, for example, a custom annotation for resource address 1 is pre-declared prior to the mapping method of resource address 1. When a user initiates a payment request, firstly entering a section logic of the custom annotation about the resource address 1, and acquiring a target flow control rule corresponding to a key value according to the key value of a key field in the custom annotation in the section logic.
According to an embodiment of the present disclosure, the target flow control rule includes a target service identification policy, and acquiring the target flow control rule from the configuration center according to a target resource address corresponding to the request includes: according to the target resource address corresponding to the request, a target service identification strategy corresponding to the target resource address is obtained from the configuration center, an identification field for identifying the service type is determined according to the target service identification strategy, and an atomic service type corresponding to the request is determined according to the identification field for identifying the service type.
According to embodiments of the present disclosure, a service identification policy may be used to identify what type of atomic service a request is.
According to embodiments of the present disclosure, for a traffic identification policy, it is possible to identify what type of atomic traffic this request represents by an upload field in the request, a field in the session data.
For example, an attribute key is added to the custom annotation of a resource address, and the attribute key is used to associate the http request resource address mapping method defined by the custom annotation with its corresponding policy configuration. When a user initiates an http request, the program logic first executes the slice logic corresponding to the mapping method. In the section logic, the corresponding service identification policy configuration can be obtained from the memory through annotating the attribute key value (the policy configuration in the memory is obtained from the configuration center and kept updated), and the atomic service of the http request is identified through the field name and the field value defined in the service identification policy.
For example, when a user initiates a "payment" request, first, a section logic of a custom annotation is entered, and in the section logic, according to key values of key fields in the custom annotation, service identification policy configuration corresponding to the method can be obtained.
According to the embodiment of the disclosure, the key field key in the custom annotation is used for associating a service identification policy with the custom annotation corresponding to the key value, that is, which http request resource address mapping method or methods can use the service identification policy to identify the atomic service.
The traffic identification policy may define which fields (fields in the session data or the upload fields) the http requests should take for traffic identification.
The service identification policy may further define a plurality of identification rules, where each identification rule may include an atomic service name corresponding to each branch of the http request and a field for identifying what atomic service the branch is in the value of the field.
According to an embodiment of the present disclosure, for example, when an application program receives an http request, the http request resource address mapping method declares the annotation including key= "X1", the application program obtains, in slice logic, a service identification policy corresponding to "X1" from a memory, then obtains a field defined in an identification rule from an upload field in session data carried by the request, and identifies what atomic service the http request is according to the field defined in the identification rule.
According to embodiments of the present disclosure, the target flow control rules may include a target flow control policy in addition to a target traffic identification policy. The target flow control policy may be used to determine whether an atomic service is legitimate, which may be performed.
According to the embodiment of the disclosure, whether the corresponding atomic service is legal or not is requested, whether the corresponding atomic service can be continuously executed or not is requested, an atomic service identification sequence (called as a 'preamble link' for short) stored in session data can be obtained, and is matched and judged by utilizing a flow control strategy, if the atomic service can be continuously processed, the atomic service is processed.
Fig. 5 schematically illustrates a flow chart of security check control of a request according to a target flow control rule, according to an embodiment of the disclosure.
As shown in fig. 5, performing security check control on a request according to a target flow control rule includes operations S501 to S503.
In operation S501, an atomic service type corresponding to a request is determined according to a target service identification policy.
In operation S502, according to the atomic service type and the corresponding preamble link corresponding to the request, whether the request is legal is determined according to the target flow control policy.
According to embodiments of the present disclosure, the preamble link corresponding to a request may be stored in session data carried by the request. And executing a strategy matching algorithm according to the target flow control strategy through a preamble link stored in session data and the atomic service type of the current atomic service to judge whether the current request is legal or not. And if the service logic is legal, releasing and continuing to execute the service logic.
In operation S503, in case it is determined that the request is legal, service logic corresponding to the request is executed.
According to the embodiment of the disclosure, under the condition that the request is illegal, the error code in the session data can be processed, and feedback information of illegal request is output.
According to the embodiment of the disclosure, if the request is determined to be illegal, the error codes and error information in the session data can be uniformly processed and illegal feedback information is returned, and the business logic is not executed.
The "policy matching algorithm" is described below.
Fig. 6 schematically illustrates a flow chart for determining whether a request is legitimate according to a target flow control policy according to an atomic traffic type and a corresponding preamble link corresponding to the request according to an embodiment of the disclosure.
As shown in fig. 6, according to the atomic service type and the corresponding preamble link corresponding to the request, it is determined whether the request is legal or not according to the target flow control policy, including operations S601 to S602.
In operation S601, M service processing links matching the preamble link are searched from the target flow control policy, where M is an integer greater than or equal to 1.
According to an embodiment of the present disclosure, the target flow control policy includes a plurality of service processing links that are preconfigured.
In operation S602, it is determined whether a target link exists among the M service processing links; wherein the target link contains an atomic service type corresponding to the request.
According to an embodiment of the present disclosure, in a case where it is determined that a target link including an atomic service type corresponding to a request exists among M service processing links, the request is determined to be legal.
According to an embodiment of the present disclosure, in a case where it is determined that a target link including an atomic service type corresponding to a request does not exist among M service processing links, it is determined that the request is illegal.
Taking a short message payment process as an example, a process control policy of the short message payment process stored in the configuration center may be expressed as follows:
smsPayFlow=atomic traffic 1- > [ [ atomic traffic 2] - > atomic traffic 3] - > atomic traffic 4.
The "=" is defined before is the name (simply referred to as flow) of a legal request link, and transaction statistics based on transaction scenario (link) can be performed according to the name later.
"=" is followed by legal request link definition, separating each atomic traffic with "- >".
The atomic traffic noted within "[ ]" is a repeatable atomic traffic.
The explanation of the flow control strategy of the short message payment flow is as follows:
the sms payment procedure is named "smsPayFlow".
The atomic service 1 may represent a pre-check atomic service, the atomic service 2 may represent a sms sending atomic service, the atomic service 3 may represent a sms check atomic service, and the atomic service 4 may represent a sms payment atomic service.
The meaning represented by the legal link of the flow control strategy of the short message payment flow is as follows: the page where the pre-verification is located can be repeatedly opened for a plurality of times; the short message can be sent repeatedly, but the precondition is that the short message can be sent after the pre-verification is finished; after the verification of the short message is completed, the user can fall back to the page for sending the short message to click the sending button again, and the verification is carried out again; but before payment, three steps of pre-checking, sending a short message and verifying the short message are needed to be completed in sequence, otherwise, the payment operation is not allowed to be executed.
According to the embodiment of the disclosure, pre-checking, sending a short message, checking a short message, and paying a short message are abstracted into A, D, D2, and C four atomic services, and the flow rule may be expressed as a middle link "a- > [ [ D1] - > D2] - > C in fig. 7.
Fig. 7 schematically illustrates a schematic diagram of a preconfigured plurality of flow control strategies in accordance with an embodiment of the present disclosure.
As shown in fig. 7, the pre-configured flow control strategy includes the following:
TestFlow1=A->[B]->C;
TestFlow2=A->[[D1]->D2]->C;
TestFlow3=A->[[E1->E2->E3]->D2]->C。
according to embodiments of the present disclosure, a "policy matching algorithm" may include the following operations.
Before the service logic is executed, a preamble link is acquired from the session data, and flows (such as one of TestFlow1, testFlow2 and TestFlow 3) matched with the preamble link are found in the preconfigured Flow control policy, and whether the following service node type is consistent with the atomic service type corresponding to the current request is identified in the flows. If the consistent flows exist, judging the request to be legal; otherwise, judging the request as illegal.
According to the embodiment of the disclosure, the atomic service type corresponding to the current request can be added to the stock preamble link and stored in the temporary variable of the memory, and compared with the flow control strategy pre-configured in the memory from left to right according to the execution sequence of the service flow.
According to the embodiment of the disclosure, the flow control policy matched with the preamble link may be a policy containing all the atomic service types in the preamble link, or may be a policy including all the atomic service types in the preamble link and having the same execution sequence of the atomic service.
Fig. 8 schematically illustrates a flowchart for determining whether a target link exists among M traffic handling links according to an embodiment of the present disclosure.
As shown in fig. 8, determining whether a target link exists among the M service processing links includes operations S801 to S803.
In operation S801, for each service processing link, a repeatable sequence in the service processing link is extended, so as to obtain M extended service processing links.
In operation S802, when any one of the M extended service processing links includes an atomic service type corresponding to the request, it is determined that a target link exists among the M service processing links.
In operation S803, when none of the M service processing links after extension contains an atomic service type corresponding to the request, it is determined that the target link does not exist among the M service processing links.
According to embodiments of the present disclosure, for example, a preamble sequence (i.e., a preamble link): a- > B, preamble matching to obtain: a > [ B ] - > C, there is only one repeatable sequence: [B] extended sequence: a- > B- > C. If the current service: b, after appending to the request sequence: a- > B matches the extended sequence and is therefore judged to be legitimate.
According to an embodiment of the present disclosure, for another example, the preamble sequence: a- > D1- > D2, and preamble matching to obtain: a > [ [ D1] - > D2] - > C, has two repeatable sequences: [D1] and [ D1- > D2], respectively extended sequences: a- > D1- > D2- > C and A- > D1- > D2- > D1-D2- > C. If the current service: d1, after appending to the request sequence: a- > D1- > D2- > D1 matches the second stretch and is therefore judged to be legitimate.
According to an embodiment of the present disclosure, for another example, the preamble sequence: a- > E1- > E2- > E3- > D2, preamble matching: a- > [ [ E1- > E2- > E3] - > D2] - > C, has two repeatable sequences: [ E1- > E2- > E3] and [ E1- > E2- > E3- > D2], sequences after the respective extension of the repeatable sequences: a- > E1- > E2- > E3- > D2- > C and A- > E1- > E2- > E3- > D2- > E1- > E2- > D2- > C. If the current service: e1, after appending to the request sequence: a- > E1- > E2- > E3- > D2- > E1 matches the first stretch and is therefore judged legal.
In order to facilitate the improvement of the verification efficiency, the extended sequence may be initialized into the memory when the policy configuration of the configuration center is dynamically acquired.
According to the embodiment of the disclosure, in order to avoid that a certain/group atomic service is repeatedly operated in a session, so that a 'preamble link' is too long, and the reading and writing efficiency of session data is affected, a 'sequence simplification algorithm' can be executed to make a simplified record on the 'preamble link'.
The "sequence reduction algorithm" is described below.
Fig. 9 schematically illustrates a flow chart of a business process control method according to another embodiment of the present disclosure.
The business process control method provided in this embodiment may be performed on the basis of any one of the above-mentioned fig. 2 to 8, and as shown in fig. 9, the method may further include operations S901 to S903.
In operation S901, after executing service logic corresponding to a request, a repeatable sequence in a preamble link is identified.
According to the embodiment of the disclosure, after executing the service logic corresponding to the request, whether the service logic is executed successfully or not can be judged; in the event of successful execution, a repeatable sequence in the preamble is identified.
In operation S902, a deduplication process is performed on repeatable sequences in a preamble link.
In operation S903, an atomic service type corresponding to the request is added to the de-duplicated preamble link, and a new preamble link is generated.
According to the embodiment of the disclosure, the 'repeatable atomic service group', namely 'repeatable sequence', which is included by [ ] can be identified in the flow according to the currently matched flow control strategy. Then, the deletable repeatable sequence in the preamble link is deduplicated.
According to the embodiment of the disclosure, the deletable repeatable sequence in the preamble link can be deleted directly, and then the atomic service type corresponding to the current request is added to the processed preamble link.
For example: current atomic service type: b, preamble link: a- > B, repeatable sequence: [B] after simplification: a- > B.
For another example: current atomic service type: d1, preamble link: a- > D1- > D2, repeatable sequence: [D1] and [ D1- > D2], the preamble link is matched from right to left [ D1- > D2], after simplification: a- > D1.
Also for example: current atomic service type: e1, the preamble link is A- > E1- > E2- > E3- > D2, repeatable sequence: [ E1- > E2- > E3] and [ E1- > E2- > E3- > D2], the front links are matched from right to left [ E1- > E2- > E3- > D2], and after simplification: a- > E1.
According to an embodiment of the present disclosure, the target flow control rule may further include a result judgment policy for judging whether one atomic service is successfully executed, in addition to the target service identification policy and the target flow control policy.
After the service logic processing is completed, the result judging strategy can be used for judging whether the atomic service is successfully executed, and if the atomic service is successfully executed, the identification of the atomic service is additionally recorded in a preamble link. The new "preamble link" will be used to determine if the next atomic service is legitimate.
According to embodiments of the present disclosure, whether this atomic service execution was successful may be identified by the return field of the request, a field in the session data. If the execution is successful, the type of the current atomic traffic needs to be appended to the "preamble link" trailer in the session data for the validity check of the next request.
Taking the short message check atom service as an example, after the logic execution of the request service is finished, a check field is stored in the session data, and the success or failure of the check can be determined according to the check field.
Before service logic is executed, the request is identified as a short message check atom service by a service identification policy, after the service logic is executed, the section logic obtains a result judgment policy corresponding to the short message check atom service from a memory, according to the result judgment policy, the section logic obtains a check field from session data, and if the field indicates that the atomic service is executed successfully, the short message check atom service needs to be added to the tail part of a 'preamble link' of the session data.
Fig. 10 schematically illustrates a flow chart of a business process control method according to another embodiment of the present disclosure.
As shown in fig. 10, the method may further include operations S1001 to S1011.
In operation S1001, according to the service identification policy, the upload field, and the session data, the atomic service corresponding to the current request is determined.
In operation S1002, a preamble link stored in session data is acquired.
In operation S1003, a validity check is performed on the preamble link according to the flow control policy.
In operation S1004, it is determined whether it is legal.
In operation S1005, if it is legal, the service logic is executed,
in operation S1006, if not legal, the error fields are uniformly assigned.
In operation S1007, a determination is made as to whether the request execution was successful, based on the result determination policy.
In operation S1008, it is determined whether the execution is successful.
In operation S1009, if the execution is successful, the atomic service type of the current request is appended to the preamble in the session data. If not, return to operation S1006, the error fields are uniformly assigned.
In operation S1010, sequence simplification is performed.
In operation S1011, a transaction monitoring log is recorded.
By the embodiment of the disclosure, decoupling of transaction logic and flow control logic is realized. The flow control rules are uniformly adjusted and dynamically configured through the configuration center, and all the control rules are embodied in the rule definition file, so that the asset accumulation of the business check logic is realized. The method provides a real-time and fine control mode for new business processes and production emergency. And convenience is provided for realizing the monitoring and data analysis according to the transaction scene.
Through the embodiment of the disclosure, the overall flow can be realized through custom annotation and section, and also can be realized through a filter or interceptor realized by other technical means, and the matching logic of the flow control strategy can be realized through a regular expression and a state machine module.
Fig. 11 schematically shows a block diagram of a business process control apparatus according to an embodiment of the present disclosure.
As shown in fig. 11, the business process control apparatus 1100 includes: a first acquisition module 1110, a second acquisition module 1120, and a control module 1130.
The first obtaining module 1110 is configured to obtain a request for processing an atomic service in a service flow, where the service flow includes N atomic services with a dependency relationship, and N is an integer greater than 1.
The second obtaining module 1120 is configured to obtain, from a configuration center, a target flow control rule corresponding to the request, where the configuration center is configured with K flow control rules, where K is an integer greater than 1.
The control module 1130 is configured to perform security check control on the request according to the target flow control rule.
According to the embodiment of the disclosure, because the technical means of acquiring the request for requesting to process the atomic service in the service flow, then acquiring the target flow control rule corresponding to the request from the configuration center, and performing security check control on the request according to the target flow control rule is adopted, because the flow control logic can be abstracted into a set of general rule check logic through unified adjustment and dynamic configuration of the flow control rule by the configuration center, the decoupling of the service function logic and the flow control logic is realized independently of the code for realizing the service function, and the specific legal security check code does not need to be written in the service realization method of each service link. Therefore, the technical problems that the safety check codes to be maintained in the related technology are more and more complex and heavy, and a large number of manual operations for combing and modifying the codes are difficult to ensure the service safety and adapt to agile development and sustained delivery are at least partially overcome, and the technical effects of ensuring the service safety and adapting to agile development and sustained delivery are further achieved.
According to an embodiment of the present disclosure, the target flow control rule includes a target traffic identification policy and a target flow control policy.
The control module comprises: a first determining unit, configured to determine an atomic service type corresponding to the request according to the target service identification policy; a second determining unit, configured to determine, according to the atomic service type and the corresponding preamble link corresponding to the request, whether the request is legal or not according to the target flow control policy; and the execution unit is used for executing service logic corresponding to the request under the condition that the request is determined to be legal.
The control module 1130 is further configured to process an error code in the session data if the request is determined to be illegal; and outputting feedback information of illegal request.
According to an embodiment of the disclosure, the determining, according to the atomic service type and the corresponding preamble link corresponding to the request and the target flow control policy, whether the request is legal includes: searching M business processing links matched with the preamble link from the target flow control strategy, wherein M is an integer greater than or equal to 1; judging whether a target link exists in the M service processing links; wherein the target link contains an atomic service type corresponding to the request; when a target link exists in the M service processing links, determining that the request is legal; and when the target link does not exist in the M service processing links, determining that the request is illegal.
According to an embodiment of the present disclosure, the business process control apparatus 1100 further includes: the device comprises an extension module, a first determination module, a second determination module and a third determination module.
The extension module is used for extending the repeatable sequence in the service processing links aiming at each service processing link to obtain M extended service processing links.
The first determining module is used for determining whether the extended service processing link contains an atomic service type corresponding to the request.
The second determining module is configured to determine that a target link exists in the M service processing links when any one of the M extended service processing links includes an atomic service type corresponding to the request.
And the third determining module is used for determining that a target link does not exist in the M business processing links when none of the M business processing links after extension contains the atomic business type corresponding to the request.
According to an embodiment of the present disclosure, the business process control apparatus 1100 further includes: the device comprises an identification module, a deduplication module and an addition module.
The identification module is configured to identify a repeatable sequence in the preamble after executing the business logic corresponding to the request.
The deduplication module is used for performing deduplication processing on repeatable sequences in the preamble link.
And the adding module is used for adding the atomic service type corresponding to the request to the preamble link after the deduplication process to generate a new preamble link.
According to an embodiment of the present disclosure, the business process control device 1100 further includes a judging module.
The judging module is used for judging whether the service logic is successfully executed after the service logic corresponding to the request is executed.
The identification module is used for identifying the repeatable sequence in the preamble link under the condition of successful execution.
According to an embodiment of the present disclosure, acquiring a target flow control rule corresponding to a request from a configuration center includes: analyzing the request and determining a target resource address corresponding to the request; and acquiring target flow control rules from the configuration center according to the target resource addresses corresponding to the requests, wherein each flow control rule configured in the configuration center has a corresponding resource address.
According to an embodiment of the present disclosure, the target flow control rule includes a target service identification policy, and acquiring the target flow control rule from the configuration center according to a target resource address corresponding to the request includes: acquiring a target service identification strategy corresponding to the target resource address from a configuration center according to the target resource address corresponding to the request; determining an identification field for identifying the service type according to the target service identification strategy; and determining the atomic service type corresponding to the request according to the identification field for identifying the service type.
According to an embodiment of the present disclosure, the business process control apparatus 1100 further includes: and the declaration module is used for pre-declaring comments for controlling the flow of the resource addresses before the mapping devices of different resource addresses.
Any number of modules, sub-modules, units, sub-units, or at least some of the functionality of any number of the sub-units according to embodiments of the present disclosure may be implemented in one module. Any one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be implemented as split into multiple modules. Any one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be implemented at least in part as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system-on-chip, a system-on-substrate, a system-on-package, an Application Specific Integrated Circuit (ASIC), or in any other reasonable manner of hardware or firmware that integrates or encapsulates the circuit, or in any one of or a suitable combination of three of software, hardware, and firmware. Alternatively, one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be at least partially implemented as computer program modules, which when executed, may perform the corresponding functions.
For example, any of the first acquisition module 1110, the second acquisition module 1120, and the control module 1130 may be combined in one module/unit/sub-unit, or any of the modules/units/sub-units may be split into a plurality of modules/units/sub-units. Alternatively, at least some of the functionality of one or more of these modules/units/sub-units may be combined with at least some of the functionality of other modules/units/sub-units and implemented in one module/unit/sub-unit. According to embodiments of the present disclosure, at least one of the first acquisition module 1110, the second acquisition module 1120, and the control module 1130 may be implemented at least in part as hardware circuitry, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in hardware or firmware in any other reasonable way of integrating or packaging circuitry, or in any one of or a suitable combination of any of the three. Alternatively, at least one of the first acquisition module 1110, the second acquisition module 1120, and the control module 1130 may be at least partially implemented as a computer program module, which when executed, may perform the corresponding functions.
It should be noted that, in the embodiment of the present disclosure, the portion of the business process control device corresponds to the portion of the business process control method in the embodiment of the present disclosure, where the business process control device may implement the business process control method, and the description of the portion of the business process control device specifically refers to the portion of the business process control method, which is not described herein again.
The embodiment of the disclosure also provides an electronic device, including: one or more processors; and a memory for storing one or more instructions that, when executed by the one or more processors, cause the one or more processors to implement the method as described above.
Embodiments of the present disclosure also provide a computer-readable storage medium having stored thereon executable instructions that, when executed by a processor, cause the processor to implement a method as described above.
Fig. 12 schematically illustrates a block diagram of a computer system suitable for implementing the above-described method according to an embodiment of the present disclosure. The computer system illustrated in fig. 12 is merely an example, and should not be construed as limiting the functionality and scope of use of the embodiments of the present disclosure.
As shown in fig. 12, a computer system 1200 according to an embodiment of the present disclosure includes a processor 1201 which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 1202 or a program loaded from a storage section 1208 into a Random Access Memory (RAM) 1203. The processor 1201 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or an associated chipset and/or special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), or the like. Processor 1201 may also include on-board memory for caching purposes. The processor 1201 may include a single processing unit or multiple processing units for performing the different actions of the method flows according to embodiments of the disclosure.
In the RAM 1203, various programs and data required for the operation of the system 1200 are stored. The processor 1201, the ROM 1202, and the RAM 1203 are connected to each other through a bus 1204. The processor 1201 performs various operations of the method flow according to the embodiments of the present disclosure by executing programs in the ROM 1202 and/or RAM 1203. Note that the program may be stored in one or more memories other than the ROM 1202 and the RAM 1203. The processor 1201 may also perform various operations of the method flow according to embodiments of the present disclosure by executing programs stored in the one or more memories.
According to an embodiment of the disclosure, the system 1200 may also include an input/output (I/O) interface 1205, the input/output (I/O) interface 1205 also being connected to the bus 1204. The system 1200 may also include one or more of the following components connected to the I/O interface 1205: an input section 1206 including a keyboard, a mouse, and the like; an output portion 1207 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, a speaker, and the like; a storage section 1208 including a hard disk or the like; and a communication section 1209 including a network interface card such as a LAN card, a modem, or the like. The communication section 1209 performs communication processing via a network such as the internet. The drive 1210 is also connected to the I/O interface 1205 as needed. A removable medium 1211 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed as needed on the drive 1210 so that a computer program read out therefrom is installed into the storage section 1208 as needed.
According to embodiments of the present disclosure, the method flow according to embodiments of the present disclosure may be implemented as a computer software program. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable storage medium, the computer program comprising program code for performing the method shown in the flowcharts. In such an embodiment, the computer program can be downloaded and installed from a network via the communication portion 1209, and/or installed from the removable media 1211. The above-described functions defined in the system of the embodiments of the present disclosure are performed when the computer program is executed by the processor 1201. The systems, devices, apparatus, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the disclosure.
The present disclosure also provides a computer-readable storage medium that may be embodied in the apparatus/device/system described in the above embodiments; or may exist alone without being assembled into the apparatus/device/system. The computer-readable storage medium carries one or more programs which, when executed, implement methods in accordance with embodiments of the present disclosure.
According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium. Examples may include, but are not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this disclosure, a computer-readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
For example, according to embodiments of the present disclosure, the computer-readable storage medium may include the ROM 1202 and/or the RAM 1203 and/or one or more memories other than the ROM 1202 and the RAM 1203 described above.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. Those skilled in the art will appreciate that the features recited in the various embodiments of the disclosure and/or in the claims may be combined in various combinations and/or combinations, even if such combinations or combinations are not explicitly recited in the disclosure. In particular, the features recited in the various embodiments of the present disclosure and/or the claims may be variously combined and/or combined without departing from the spirit and teachings of the present disclosure. All such combinations and/or combinations fall within the scope of the present disclosure.
The embodiments of the present disclosure are described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described above separately, this does not mean that the measures in the embodiments cannot be used advantageously in combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be made by those skilled in the art without departing from the scope of the disclosure, and such alternatives and modifications are intended to fall within the scope of the disclosure.
Claims (10)
1. A business process control method, comprising:
acquiring a request for requesting to process an atomic service in a service flow, wherein the service flow comprises N atomic services with a dependency relationship, and N is an integer greater than 1;
obtaining a target flow control rule corresponding to the request from a configuration center, wherein K flow control rules are configured in the configuration center, and K is an integer greater than 1;
performing security check control on the request according to the target flow control rule, wherein the target flow control rule comprises a target service identification policy and a target flow control policy;
Wherein the performing security check control on the request according to the target flow control rule includes:
determining an atomic service type corresponding to the request according to the target service identification strategy;
executing a policy matching algorithm according to the atomic service type corresponding to the request and the corresponding preamble link acquired from the session data and the target flow control policy to determine whether the request is legal or not; and
and executing business logic corresponding to the request under the condition that the request is determined to be legal.
2. The method of claim 1, wherein the performing a policy matching algorithm to determine whether the request is legitimate according to the target flow control policy based on the atomic service type corresponding to the request and the corresponding preamble link obtained from session data comprises:
searching M business processing links matched with the preamble link from the target flow control strategy, wherein M is an integer greater than or equal to 1;
judging whether a target link exists in the M service processing links; wherein the target link contains an atomic service type corresponding to the request;
when the target links exist in the M service processing links, determining that the request is legal; and
And when the target link does not exist in the M service processing links, determining that the request is illegal.
3. The method of claim 2, the determining whether a target link exists in the M traffic handling links comprises:
for each service processing link, extending the repeatable sequence in the service processing link to obtain M extended service processing links;
when any one of the M extended service processing links contains an atomic service type corresponding to the request, determining that the target link exists in the M service processing links;
and when none of the M extended service processing links contains an atomic service type corresponding to the request, determining that the target link does not exist in the M service processing links.
4. The method of claim 1, further comprising:
identifying a repeatable sequence in the preamble link after executing the business logic corresponding to the request;
performing deduplication processing on repeatable sequences in the preamble link; and
and adding the atomic service type corresponding to the request to the preamble link after the de-duplication processing to generate a new preamble link.
5. The method of claim 4, wherein the identifying the repeatable sequence in the preamble link after executing the business logic corresponding to the request comprises:
after executing the business logic corresponding to the request, judging whether the business logic is executed successfully or not; and
in the event of successful execution, a repeatable sequence in the preamble is identified.
6. The method of claim 1, wherein the obtaining, from a configuration center, a target flow control rule corresponding to the request comprises:
analyzing the request and determining a target resource address corresponding to the request; and
and acquiring the target flow control rule from the configuration center according to the target resource address corresponding to the request, wherein each flow control rule configured in the configuration center has a corresponding resource address.
7. The method of claim 6, wherein the target flow control rule comprises a target traffic identification policy, the obtaining the target flow control rule from the configuration center according to a target resource address corresponding to the request comprising:
acquiring a target service identification strategy corresponding to the target resource address from the configuration center according to the target resource address corresponding to the request;
Determining an identification field for identifying the service type according to the target service identification strategy; and
and determining the atomic service type corresponding to the request according to the identification field for identifying the service type.
8. A business process control apparatus comprising:
the system comprises a first acquisition module, a second acquisition module and a processing module, wherein the first acquisition module is used for acquiring a request for requesting to process atomic services in a service flow, the service flow comprises N atomic services with a dependency relationship, and N is an integer greater than 1;
a second obtaining module, configured to obtain, from a configuration center, a target flow control rule corresponding to the request, where the configuration center is configured with K flow control rules, where K is an integer greater than 1;
the control module is used for carrying out safety verification control on the request according to the target flow control rule, wherein the target flow control rule comprises a target service identification strategy and a target flow control strategy;
wherein, the control module includes:
a first determining unit, configured to determine an atomic service type corresponding to the request according to the target service identification policy;
the second determining unit is used for executing a policy matching algorithm according to the atomic service type corresponding to the request and the corresponding preamble link acquired from the session data and the target flow control policy so as to determine whether the request is legal or not; and
And the execution unit is used for executing service logic corresponding to the request under the condition that the request is determined to be legal.
9. An electronic device, comprising:
one or more processors;
a memory for storing one or more instructions,
wherein the one or more instructions, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1 to 7.
10. A computer readable storage medium having stored thereon executable instructions which when executed by a processor cause the processor to implement the method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010428039.9A CN111598575B (en) | 2020-05-19 | 2020-05-19 | Business process control method, business process control device, electronic equipment and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010428039.9A CN111598575B (en) | 2020-05-19 | 2020-05-19 | Business process control method, business process control device, electronic equipment and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111598575A CN111598575A (en) | 2020-08-28 |
| CN111598575B true CN111598575B (en) | 2023-09-05 |
Family
ID=72182696
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010428039.9A Active CN111598575B (en) | 2020-05-19 | 2020-05-19 | Business process control method, business process control device, electronic equipment and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111598575B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112448956B (en) * | 2020-11-25 | 2022-10-04 | 平安普惠企业管理有限公司 | Authority processing method and device of short message verification code and computer equipment |
| CN112559095A (en) * | 2020-12-16 | 2021-03-26 | 微医云(杭州)控股有限公司 | Target service execution method, system, server and storage medium |
| CN112801613A (en) * | 2021-01-25 | 2021-05-14 | 山东浪潮通软信息科技有限公司 | Method, device, equipment and medium for realizing business process |
| CN113313476A (en) * | 2021-07-28 | 2021-08-27 | 深圳市永达电子信息股份有限公司 | Service information processing method, system, electronic device and storage medium |
| CN114610418A (en) * | 2022-03-15 | 2022-06-10 | 上海爱数信息技术股份有限公司 | Digital content processing method, device, electronic equipment, storage medium and product |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107944773A (en) * | 2017-12-29 | 2018-04-20 | 咪咕文化科技有限公司 | A kind of Business Process Control method, apparatus and storage medium |
| CN109447411A (en) * | 2018-09-26 | 2019-03-08 | 平安普惠企业管理有限公司 | Business Process Control method, apparatus, computer equipment and storage medium |
| CN110782240A (en) * | 2019-10-12 | 2020-02-11 | 上海陆家嘴国际金融资产交易市场股份有限公司 | Service data processing method and device, computer equipment and storage medium |
| CN110795709A (en) * | 2019-10-31 | 2020-02-14 | 北京达佳互联信息技术有限公司 | Method and device for performing business operation, electronic equipment and storage medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10320676B2 (en) * | 2014-02-28 | 2019-06-11 | Cisco Technology, Inc. | Smarter policy decisions based on metadata in data flows |
-
2020
- 2020-05-19 CN CN202010428039.9A patent/CN111598575B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107944773A (en) * | 2017-12-29 | 2018-04-20 | 咪咕文化科技有限公司 | A kind of Business Process Control method, apparatus and storage medium |
| CN109447411A (en) * | 2018-09-26 | 2019-03-08 | 平安普惠企业管理有限公司 | Business Process Control method, apparatus, computer equipment and storage medium |
| CN110782240A (en) * | 2019-10-12 | 2020-02-11 | 上海陆家嘴国际金融资产交易市场股份有限公司 | Service data processing method and device, computer equipment and storage medium |
| CN110795709A (en) * | 2019-10-31 | 2020-02-14 | 北京达佳互联信息技术有限公司 | Method and device for performing business operation, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111598575A (en) | 2020-08-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111598575B (en) | Business process control method, business process control device, electronic equipment and readable storage medium | |
| JP7028532B2 (en) | Methods, equipment and computer programs for managing the blockchain life cycle | |
| US10698742B2 (en) | Operation efficiency management with respect to application compile-time | |
| WO2019228843A1 (en) | Blockchain implementing delta storage | |
| CN110874739A (en) | Distributed computing and storage network implementing high integrity, high bandwidth, low latency, secure processing | |
| US20220004647A1 (en) | Blockchain implementation to securely store information off-chain | |
| US20200366660A1 (en) | System and methods for securely storing data for efficient access by cloud-based computing instances | |
| US10706102B2 (en) | Operation efficiency management with respect to application run-time | |
| US11615074B2 (en) | System and methods for intelligent path selection of enhanced distributed processors | |
| WO2022058183A1 (en) | Integrating device identity into a permissioning framework of a blockchain | |
| US20220156725A1 (en) | Cross-chain settlement mechanism | |
| US11943360B2 (en) | Generative cryptogram for blockchain data management | |
| US11025575B2 (en) | Message recognition system and method configurable to define new message formats | |
| US20230208911A1 (en) | Visibility of digital assets at channel level | |
| US10498651B1 (en) | Method and system for computer data routing optimization | |
| CN107463638A (en) | File sharing method and equipment between offline virtual machine | |
| US9189299B2 (en) | Framework for system communication for handling data | |
| US10235530B2 (en) | Protecting sensitive information when replicating data to remote systems | |
| US20230267034A1 (en) | System for code base sharing during computing application failure using a distributed register network | |
| US12007981B2 (en) | Blockchain selective world state database | |
| US11567925B2 (en) | Concurrent update management | |
| US20220255990A1 (en) | Topological ordering of blockchain associated proposals | |
| US20220353086A1 (en) | Trusted aggregation with data privacy based on zero-knowledge-proofs | |
| US11683173B2 (en) | Consensus algorithm for distributed ledger technology | |
| US20220171763A1 (en) | Blockchain selective world state database |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |